vulnlog validate

Validates one or more Vulnlog files against the schema and all validation rules.

Parsing a Vulnlog is the first stage in the validation process. After the Vulnlog document is parsed successfully, its content is validated.

The validation is either successful or reports one or multiple issues:

Error	Indicate structurally invalid or semantically broken files that would produce incorrect output.
Warning	File is technically valid, but something is likely wrong or will cause problems in the future.
Info	Informational findings that highlight potential improvements or non-critical observations.

vulnlog validate <file...> [--strict]

Flag Description

Flag	Description
`--strict`	Treats warnings as errors.
`-`	Use to read from STDIN.

--strict

Treats warnings as errors.

-

Use to read from STDIN.

Validate multiple Vulnlog files.

vulnlog validate web-app-1.vl.yaml web-app-2.vl.yaml
Validation OK

Validate a Vulnlog file from STDIN.

vulnlog validate - < vulnlog.yaml
Validation OK

Validation was not successful because an undefined tag was used.

vulnlog validate vulnlog.yaml
Validation findings for vulnlog.yaml:
[ERROR] vulnerabilities[CVE-2023-6481].tags[does not exist]: References undefined tags 'does not exist'. Defined tags: dev dependency
1 error(s)