generate-srcinfo: merge grype commands

it can generate multiple formats in one go
2025-09-07 10:02:15 +02:00 · 2025-09-07 10:02:15 +02:00 · a6d345ca35
commit a6d345ca35
parent 7395b7c769
1 changed files with 1 additions and 2 deletions
--- a/.github/workflows/generate-srcinfo.yml
+++ b/.github/workflows/generate-srcinfo.yml
@ -91,8 +91,7 @@ jobs:
      - name: Update vulnerability database
        run: |
          msys2-sbom create srcinfo.json.gz sbom.cdx.json
-          ./bin/grype sbom:sbom.cdx.json -o cyclonedx-json --file sbom.vuln.cdx.json
-          ./bin/grype sbom:sbom.cdx.json -o json --file sbom.grype.json
+          ./bin/grype sbom:sbom.cdx.json -o cyclonedx-json=sbom.vuln.cdx.json -o json=sbom.grype.json
          msys2-sbom merge sbom.cdx.json sbom.vuln.cdx.json --grype-json sbom.grype.json

      - uses: actions/upload-artifact@v4