Open nightlark opened 9 months ago
I am currently working on a project in which a web UI in HTML and JavaScript is packaged into the data segment of a binary object to produce a single distributable executable. For the web component, I can generate an SBOM easily with `npm sbom`. I would like to be able to generate the web UI SBOM, generate the executable SBOM (which will not contain any of the UI dependency information, as I don't expect Surfactant, or any other tool, to recognize JS libraries that happen to be written into the data segment of an executable), and then update the executable SBOM to add in the web UI as an additional dependency. Would this feature support that use case, or should I open a new ticket?
In theory it could, along with doing a merge to combine the SBOMs into a single file -- it probably gets complicated though when factoring in different SBOM formats, since the format of unique identifiers in different SBOM formats may be incompatible with each other.
Do you have a sample executable with JS libraries written to the data segment? I know languages such as Go have ways of embedding files in binaries -- being able to detect files embedded like that would be an interesting feature.
Similar to the functionality in the merge command, it would be convenient if the generate command could establish a relationship to a top-level system UUID that contains everything else.
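As an added illustration of the two requests in this thread (not Surfactant's own code), the script below merges a web UI SBOM into an executable's SBOM, records the UI root component as a dependency of the executable, and hangs everything under a new top-level system UUID. It assumes plain CycloneDX JSON dicts with constructed component names, and it refuses to merge when `bom-ref` identifiers collide, which is the identifier-compatibility concern raised above.

```python
import copy
import uuid

# Constructed sample SBOMs in CycloneDX JSON shape (hypothetical names and versions).
EXE_SBOM = {
    "bomFormat": "CycloneDX", "specVersion": "1.4",
    "metadata": {"component": {"bom-ref": "exe-1", "type": "application", "name": "viewer"}},
    "components": [{"bom-ref": "lib-zlib", "type": "library", "name": "zlib", "version": "1.3"}],
    "dependencies": [{"ref": "exe-1", "dependsOn": ["lib-zlib"]}],
}
WEB_SBOM = {
    "bomFormat": "CycloneDX", "specVersion": "1.4",
    "metadata": {"component": {"bom-ref": "web-1", "type": "application", "name": "viewer-ui"}},
    "components": [{"bom-ref": "lib-react", "type": "library", "name": "react", "version": "18.2.0"}],
    "dependencies": [{"ref": "web-1", "dependsOn": ["lib-react"]}],
}

def all_refs(sbom):
    """Every bom-ref an SBOM defines, including its root (metadata) component."""
    return {c["bom-ref"] for c in sbom.get("components", [])} | {sbom["metadata"]["component"]["bom-ref"]}

def depends_on(sbom, ref):
    """Direct dependencies recorded for `ref`, or [] if none."""
    return next((d["dependsOn"] for d in sbom.get("dependencies", []) if d["ref"] == ref), [])

def merge_embedded(exe, web, system_name="system"):
    """Merge `web` into `exe`, mark the web UI root as a dependency of the
    executable, and put both under a new top-level system component."""
    clash = all_refs(exe) & all_refs(web)
    if clash:  # bom-refs are only unique within one SBOM; refuse to silently alias them
        raise ValueError(f"bom-ref collision between inputs: {sorted(clash)}")
    exe, web = copy.deepcopy(exe), copy.deepcopy(web)  # never mutate the inputs
    exe_root, web_root = exe["metadata"]["component"], web["metadata"]["component"]
    system_ref = f"urn:uuid:{uuid.uuid4()}"
    deps = exe.get("dependencies", []) + web.get("dependencies", [])
    entry = next((d for d in deps if d["ref"] == exe_root["bom-ref"]), None)
    if entry is None:  # executable had no dependency entry yet
        entry = {"ref": exe_root["bom-ref"], "dependsOn": []}
        deps.append(entry)
    if web_root["bom-ref"] not in entry["dependsOn"]:
        entry["dependsOn"].append(web_root["bom-ref"])
    deps.append({"ref": system_ref, "dependsOn": [exe_root["bom-ref"]]})
    return {
        "bomFormat": "CycloneDX", "specVersion": "1.4",
        "metadata": {"component": {"bom-ref": system_ref, "type": "application", "name": system_name}},
        "components": [exe_root, web_root] + exe.get("components", []) + web.get("components", []),
        "dependencies": deps,
    }
```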