Add option to also output the scan manifest file
Sebazzz opened this issue · comments
Sebastiaan Dammann commented
At the end of this scan this is shown:
[INFO] Detection time: 1,4337849 seconds.
[INFO] Scan Manifest file: C:\Users\[username]\AppData\Local\Temp\ScanManifest_20231122111548814.json
That file is actually very useful by itself, next to the SBOM, because you can use this file to figure out why sbom-tool thinks there is a certain package used.
Sebastian Gomez commented
This has been added as of version v2.2.2 and can be done using sbom-tool generate -b "C:/repos/test" -bc "C:/repos/test" -ps test -pn test -pv 1 -cd "--ManifestFile C:/repos/test/ScanManifest.json"
the --ManifestFile should be the name of the file you want to the manifest written to. The Scan Manifest will be generated and placed at this location.