A utility to generate SPDX-compliant Bill of Materials manifests
Why do you think that https://github.com/anchore/syft is a good alternative to bom
A utility to generate SPDX-compliant Bill of Materials manifests
Why do you think that https://github.com/anchore/syft is a good alternative to bom