vulnlog fmt
Formats one or more Vulnlog files to the canonical style, keeping files consistent and reviewable across branches.
| YAML comments are not part of the format and are removed on writing. The modify add and modify copy commands write the same canonical style to preserve the canonical Vulnlog YAML format. |
vulnlog fmt <file...> [--check]
| Flag | Description |
|---|---|
|
Do not write changes. Exit non-zero, list the files that are not already formatted, and explain which canonical-style rules each file violates. |
|
Read from STDIN and write the formatted document to STDOUT. |
- reads a single document from STDIN and writes the formatted result to STDOUT.
STDIN cannot be combined with file arguments, and only one STDIN input is accepted.
|
Format multiple files in place.
vulnlog fmt web-app-1.vl.yaml web-app-2.vl.yaml
Formatted: web-app-1.vl.yaml
Already formatted: web-app-2.vl.yaml
Check formatting in CI without writing changes. Each finding names the rule it violates, with the line in the file.
vulnlog fmt --check vulnlog.yaml
Can be reformatted: vulnlog.yaml
[non-canonical-array-style] vulnerabilities[CVE-2026-1234].releases: Line 13: canonical style for this list is a flow array, e.g. key: [value].
[non-canonical-block-scalar] vulnerabilities[CVE-2026-1234].analysis: Line 18: canonical style for this value is a folded block (>-) (found double-quoted).
[comments-not-preserved] YAML comments are removed on write.
Format from STDIN to STDOUT.
vulnlog fmt - < vulnlog.yaml