Commit 09869273 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

docs: change pip index url

parent f5c8d7f5

README.md

+5 −5
Original line number Diff line number Diff line
@@ -7,7 +7,7 @@ This project provides a CLI tool able to publish SBOM files to a [Dependency Tra 
`sbom-scanner` requires Python 3.11 or higher and can be installed with the following command:



```bash

pip install sbom-scanner --index-url https://gitlab.com/api/v4/projects/56596421/packages/pypi/simple

pip install sbom-scanner --index-url https://gitlab.com/api/v4/projects/to-be-continuous%2Ftools%2Fdt-sbom-scanner/packages/pypi/simple --upgrade



# obtain help

sbom-scanner --help
@@ -67,8 +67,8 @@ It is a slash (`/`) separated string, each part being of one the following forms 
* `project-name@version`: the part designates a project name and version

* `project-name`: the part designates a project name only (empty version)



Lastly, the project path supports the `%{sbom_prefix}` pattern, that will be dynamically replaced with the SBOM filename prefix (before the first dot).

Ex: when processing the SBOM file `reports/docker-sbom.cyclonedx.json`, the `%{sbom_prefix}` will be equal to `docker-sbom`.

Lastly, the project path supports the `%{file_prefix}` pattern, that will be dynamically replaced with the SBOM filename prefix (before the first dot).

Ex: when processing the SBOM file `reports/docker-sbom.cyclonedx.json`, the `%{file_prefix}` will be equal to `docker-sbom`.



Project paths examples:
@@ -77,9 +77,9 @@ Project paths examples: 
* `#my-project@v1.1.0`: every SBOM found will be published to the project with name `my-project` and version `v1.1.0`<br/>

  :information_source: depending on your API key permissions, `sbom-scanner` might try to automatically create the project if it doesn't exist<br/>

  :information_source: as in the previous example, this configuration is suitable only if exactly one SBOM file is found

* `#11111111-2222-3333-4444-5555555555/my-project-%{sbom_prefix}`: every SBOM found will be published to a project named `my-project-%{sbom_prefix}`, direct child of project with UUID `11111111-2222-3333-4444-5555555555`<br/>

* `#11111111-2222-3333-4444-5555555555/my-project-%{file_prefix}`: every SBOM found will be published to a project named `my-project-%{file_prefix}`, direct child of project with UUID `11111111-2222-3333-4444-5555555555`<br/>

  :information_source: depending on your API key permissions, `sbom-scanner` might try to automatically create the project if it doesn't exist

* `acme-program@v2/acme-services@v1.3/acme-user-api@v1.3/acme-user-api-%{sbom_prefix}`: complete project path only defined by project names and versions<br/>

* `acme-program@v2/acme-services@v1.3/acme-user-api@v1.3/acme-user-api-%{file_prefix}`: complete project path only defined by project names and versions<br/>

  :information_source: depending on your API key permissions, `sbom-scanner` might try to automatically create the project and its ancestors if they don't exist



## Developers