Merge pull request #407 from viveksahu26/refactor/limit-to-one-feature

limit to single feature and support list autocompletion for list cmd

Author: riteshnoronha

cmd/list.go

@@ -29,11 +29,11 @@ import (
 // userListCmd holds the configuration for the list command
 type userListCmd struct {
 	// Input control
-	path []string
+	path string
 
 	// Filter control
-	features []string
-	missing  bool
+	feature string
+	missing bool
 
 	// Output control
 	basic    bool
@@ -48,42 +48,39 @@ type userListCmd struct {
 // listCmd lists components or SBOM properties based on specified features
 var listCmd = &cobra.Command{
 	Use:          "list",
-	Short:        "List components or SBOM properties based on features",
+	Short:        "List components or SBOM properties based on feature",
 	SilenceUsage: true,
-	Example: `  sbomqs list --features <features> --option  <path-to-sbom-file> 
+	Example: `  sbomqs list --feature <feature> --option <path-to-sbom-file> 
 	
   # List all components with suppliers
-  sbomqs list --features comp_with_supplier samples/sbomqs-spdx-syft.json
+  sbomqs list --feature comp_with_supplier samples/sbomqs-spdx-syft.json
 
   # List all components missing suppliers
-  sbomqs list --features comp_with_supplier --missing samples/sbomqs-spdx-syft.json
+  sbomqs list --feature comp_with_supplier --missing samples/sbomqs-spdx-syft.json
 
   # List all components with valid licenses
-  sbomqs list --features comp_valid_licenses samples/sbomqs-spdx-syft.json
+  sbomqs list --feature comp_valid_licenses samples/sbomqs-spdx-syft.json
 
   # List all components with invalid licenses
-  sbomqs list --features comp_valid_licenses --missing samples/sbomqs-spdx-syft.json
+  sbomqs list --feature comp_valid_licenses --missing samples/sbomqs-spdx-syft.json
 
-  # List all components of SBOM with comp_with_licenses as well as comp_with_version
-  sbomqs list --features="comp_with_licenses,comp_with_version"  samples/photon.spdx.json
-
-  # List all components for both SBOM with comp_with_licenses as well as comp_with_version
-  sbomqs list --features="comp_with_licenses,comp_with_version"  samples/photon.spdx.json samples/sbomqs-cdx-cgomod.json
-
-  # component features: 
+  # Component features: 
   [comp_with_name, comp_with_version, comp_with_supplier, comp_with_uniq_ids, comp_valid_licenses, comp_with_any_vuln_lookup_id, 
   comp_with_deprecated_licenses, comp_with_multi_vuln_lookup_id, comp_with_primary_purpose, comp_with_restrictive_licenses, 
   comp_with_checksums, comp_with_licenses]
   
-  # sbom features:
+  # SBOM features:
   [sbom_creation_timestamp, sbom_authors, sbom_with_creator_and_version, sbom_with_primary_component, sbom_dependencies, 
-  sbom_sharable, sbom_parsable, sbom_spec, sbom_spec_file_format, sbom_spec_version ]
+  sbom_sharable, sbom_parsable, sbom_spec, sbom_spec_file_format, sbom_spec_version]
 `,
 
 	Args: func(_ *cobra.Command, args []string) error {
 		if len(args) < 1 {
 			return fmt.Errorf("requires a path to an SBOM file or directory of SBOM files")
 		}
+		if len(args) > 1 {
+			return fmt.Errorf("only one file path is allowed, got %d: %v", len(args), args)
+		}
 		return nil
 	},
 	RunE: func(cmd *cobra.Command, args []string) error {
@@ -97,7 +94,6 @@ var listCmd = &cobra.Command{
 		ctx := logger.WithLogger(context.Background())
 		uCmd := parseListParams(cmd, args)
 		if err := validateparsedListCmd(uCmd); err != nil {
-			logger.FromContext(ctx).Errorf("Invalid command parameters: %v", err)
 			return err
 		}
 
@@ -112,12 +108,11 @@ func parseListParams(cmd *cobra.Command, args []string) *userListCmd {
 	uCmd := &userListCmd{}
 
 	// Input control
-	uCmd.path = args
+	uCmd.path = args[0]
 
 	// Filter control
-	feature, _ := cmd.Flags().GetString("features")
-	features := strings.Split(feature, ",")
-	uCmd.features = features
+	feature, _ := cmd.Flags().GetString("feature")
+	uCmd.feature = feature
 
 	missing, _ := cmd.Flags().GetBool("missing")
 	uCmd.missing = missing
@@ -130,7 +125,6 @@ func parseListParams(cmd *cobra.Command, args []string) *userListCmd {
 	uCmd.json = json
 
 	detailed, _ := cmd.Flags().GetBool("detailed")
-
 	uCmd.detailed = detailed
 
 	color, _ := cmd.Flags().GetBool("color")
@@ -145,8 +139,8 @@ func parseListParams(cmd *cobra.Command, args []string) *userListCmd {
 
 func fromListToEngineParams(uCmd *userListCmd) *engine.Params {
 	return &engine.Params{
-		Path:     uCmd.path,
-		Features: uCmd.features,
+		Path:     []string{uCmd.path},
+		Features: []string{uCmd.feature},
 		Missing:  uCmd.missing,
 		Basic:    uCmd.basic,
 		JSON:     uCmd.json,
@@ -160,54 +154,95 @@ func init() {
 	rootCmd.AddCommand(listCmd)
 
 	// Filter Control
-	listCmd.Flags().StringP("features", "f", "", "filter by feature (e.g. 'sbom_authors',  'comp_with_name', 'sbom_creation_timestamp') ")
-	err := listCmd.MarkFlagRequired("features")
+	listCmd.Flags().String("feature", "", "Filter by feature (e.g., 'sbom_authors', 'comp_with_name', 'sbom_creation_timestamp'); if repeated, last value is used")
+	err := listCmd.MarkFlagRequired("feature")
 	if err != nil {
 		log.Fatal(err)
 	}
-	listCmd.Flags().BoolP("missing", "m", false, "list components or properties missing the specified feature")
+	listCmd.Flags().BoolP("missing", "m", false, "List components or properties missing the specified feature")
 
 	// Output Control
-	listCmd.Flags().BoolP("basic", "b", false, "results in single-line format")
-	listCmd.Flags().BoolP("json", "j", false, "results in json")
-	listCmd.Flags().BoolP("detailed", "d", true, "results in table format, default")
-	listCmd.Flags().BoolP("color", "l", false, "output in colorful")
+	listCmd.Flags().BoolP("basic", "b", false, "Results in single-line format")
+	listCmd.Flags().BoolP("json", "j", false, "Results in JSON")
+	listCmd.Flags().BoolP("detailed", "d", true, "Results in table format, default")
+	listCmd.Flags().BoolP("color", "l", false, "Output in color")
 
 	// Debug Control
-	listCmd.Flags().BoolP("debug", "D", false, "enable debug logging")
+	listCmd.Flags().BoolP("debug", "D", false, "Enable debug logging")
+
+	// Register flag completion for --feature
+	err = listCmd.RegisterFlagCompletionFunc("feature", func(_ *cobra.Command, _ []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+		var completions []string
+		for feature := range isFeaturePresent {
+			if strings.HasPrefix(feature, toComplete) {
+				completions = append(completions, feature)
+			}
+		}
+		return completions, cobra.ShellCompDirectiveNoFileComp
+	})
+	if err != nil {
+		log.Fatalf("Failed to register flag completion for --feature: %v", err)
+	}
 }
 
 func validateparsedListCmd(uCmd *userListCmd) error {
+	// Check path
 	if len(uCmd.path) <= 0 {
-		fmt.Println("Error: path is required")
 		return errors.New("path is required")
 	}
 
-	if len(uCmd.features) == 0 {
-		fmt.Println("Error: feature is required")
-		log.Fatal("at least one feature must be specified")
+	// Validate feature
+	feature := uCmd.feature
+	if feature == "" {
+		return errors.New("feature is required")
+	}
+
+	// Reject comma-separated lists or any commas
+	if strings.Contains(feature, ",") {
+		if !strings.HasSuffix(strings.TrimSpace(feature), ",") {
+			return fmt.Errorf("--feature expects a single value, got comma-separated list: %q", feature)
+		}
+		return fmt.Errorf("--feature expects a single value, contains comma: %q", feature)
+	}
+
+	// Trim spaces
+	cleaned := strings.TrimSpace(feature)
 
+	uCmd.feature = cleaned
+
+	// Validate against supported features
+	if _, ok := isFeaturePresent[cleaned]; !ok {
+		var supportedFeatures []string
+		for f := range isFeaturePresent {
+			supportedFeatures = append(supportedFeatures, f)
+		}
+		return fmt.Errorf("feature %q is not supported; supported features are: %s", cleaned, strings.Join(supportedFeatures, ", "))
 	}
-	// we want to cover these cases:
-	// 1. --feature=" comp_with_name" ---> this is totally fine as it has only 1 feature
-	// 2. --feature=" comp_with_name " ---> this is also fine as it has only 1 feature
-	// 3. --feature="comp_with_name comp_with_version" ---> this is not fine as it has 2 features
-	// 4. --feature="comp_with_name, comp_with_version" ---> this is also not fine as it has 2 features
-
-	// TODO: validation of feature
-	// // Check if the feature is valid
-	// validFeatures := []string{"comp_with_supplier", "comp_valid_licenses", "sbom_authors"}
-	// featureFound := false
-	// for _, validFeature := range validFeatures {
-	// 	if strings.TrimSpace(uCmd.feature) == validFeature {
-	// 		featureFound = true
-	// 		break
-	// 	}
-	// }
-	// if !featureFound {
-	// 	fmt.Printf("Error: invalid feature '%s'. Valid features are: %v\n", uCmd.feature, validFeatures)
-	// 	return fmt.Errorf("invalid feature '%s'", uCmd.feature)
-	// }
 
 	return nil
 }
+
+var isFeaturePresent = map[string]bool{
+	"comp_with_name":                 true,
+	"comp_with_version":              true,
+	"comp_with_supplier":             true,
+	"comp_with_uniq_ids":             true,
+	"comp_valid_licenses":            true,
+	"comp_with_any_vuln_lookup_id":   true,
+	"comp_with_deprecated_licenses":  true,
+	"comp_with_multi_vuln_lookup_id": true,
+	"comp_with_primary_purpose":      true,
+	"comp_with_restrictive_licenses": true,
+	"comp_with_checksums":            true,
+	"comp_with_licenses":             true,
+	"sbom_creation_timestamp":        true,
+	"sbom_authors":                   true,
+	"sbom_with_creator_and_version":  true,
+	"sbom_with_primary_component":    true,
+	"sbom_dependencies":              true,
+	"sbom_sharable":                  true,
+	"sbom_parsable":                  true,
+	"sbom_spec":                      true,
+	"sbom_spec_file_format":          true,
+	"sbom_spec_version":              true,
+}

docs/list.md

@@ -8,6 +8,61 @@ The `sbomqs list` command allows users to list components or SBOM fileds based o
 sbomqs list [flags] <SBOM file>
 ```
 
+### Autocompletion for `--feature` Flag
+
+- **For Bash**:
+
+  ```bash
+  sbomqs completion bash > sbomqs_completion.sh
+  ```
+
+- **For Zsh**:
+
+  ```bash
+  sbomqs completion zsh > sbomqs_completion.sh
+  ```
+
+This creates a file (`sbomqs_completion.sh`) with the completion logic.
+
+To enable autocompletion, source the script in your shell session:
+
+- **Temporary (Current Session)**:
+
+  ```bash
+  source sbomqs_completion.sh
+  ```
+
+- **Permanent (All Sessions)**:
+
+  - Move the script to a directory in your shell’s path:
+
+    ```bash
+    mv sbomqs_completion.sh ~/.zsh/  # For Zsh, or ~/.bash/ for Bash
+    ```
+
+  - Add it to your shell configuration:
+    - **Bash**: Edit `~/.bashrc` or `~/.bash_profile`:
+  
+      ```bash
+      echo "source ~/.bash/sbomqs_completion.sh" >> ~/.bashrc
+      source ~/.bashrc
+      ```
+
+    - **Zsh**: Edit `~/.zshrc`:
+
+      ```bash
+      echo "source ~/.zsh/sbomqs_completion.sh" >> ~/.zshrc
+      source ~/.zshrc
+      ```
+
+For Zsh, ensure completion is initialized by adding `autoload -Uz compinit && compinit` to `~/.zshrc` if not already present.
+
+Run the following command and press `<Tab>`:
+
+```bash
+sbomqs list --feature=<Tab>
+```
+
 ### Flags
 
 - `--features, -f <feature>`: Specifies the feature to list (required). See supported features below.

pkg/list/report.go

@@ -110,19 +110,19 @@ func (r *Report) detailedReport() {
 				fmt.Println(" No components found")
 				fmt.Println()
 				continue
-			} else {
-				// List components
-				for _, comp := range result.Components {
-					if r.Color {
-						featureCol1 := color.New(color.FgHiMagenta).Sprint(featureCol)
-						nameCol := color.New(color.FgHiCyan).Sprint(comp.Name)
-						versionCol := color.New(color.FgHiGreen).Sprint(comp.Version)
-						table.Append([]string{featureCol1, nameCol, versionCol})
-					} else {
-						table.Append([]string{featureCol, comp.Name, comp.Version})
-					}
+			}
+			// List components
+			for _, comp := range result.Components {
+				if r.Color {
+					featureCol1 := color.New(color.FgHiMagenta).Sprint(featureCol)
+					nameCol := color.New(color.FgHiCyan).Sprint(comp.Name)
+					versionCol := color.New(color.FgHiGreen).Sprint(comp.Version)
+					table.Append([]string{featureCol1, nameCol, versionCol})
 				}
+				table.Append([]string{featureCol, comp.Name, comp.Version})
+
 			}
+
 		} else {
 			// SBOM-based feature
 			featureCol := fmt.Sprintf("%s (%s)", result.Feature, presence)