
Update or change tool used to generate sboms #1235

@banjoh

Describe the rationale for the suggested feature.

Troubleshoot uses spdx-sbom-generator, whose latest release is https://github.com/opensbom-generator/spdx-sbom-generator/releases/tag/v0.0.15, released a year ago (July 12th). It has some dependencies that have CVEs that need to be updated. The project is active, but no newer releases have been made yet. There is a pending issue.

Describe the feature

Review usage of spdx-sbom-generator. There are quite a number of tools out there such as https://github.com/microsoft/sbom-tool, https://github.com/kubernetes-sigs/bom and a few others I have not listed.
