trustification / trustify

Apache License 2.0

Add syft re-ingest test, fix discovered issues with files #452

Closed ctron closed 1 week ago

ctron commented 1 week ago

syft creates SBOMs which contain "files" and those have relationships. However, we currently do not ingest those files, and so the relationships are considered "broken", failing the ingestion of such files.

This PR adds support for files in the SBOM graph and also adds a test for syft, making use of this.

This PR is based on PR #451.
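
An added illustration, not code from this PR or from trustify: a standalone check for the failure the description above refers to, assuming the SBOM is syft's SPDX 2.x JSON output. The sample document and the function names `known_ids` and `broken_relationships` are constructed for this example.

```python
import json

# Constructed SPDX 2.x JSON fragment in the shape syft emits (not real syft output).
SAMPLE_SBOM = json.loads("""
{
  "SPDXID": "SPDXRef-DOCUMENT",
  "packages": [{"SPDXID": "SPDXRef-Package-openssl", "name": "openssl"}],
  "files": [{"SPDXID": "SPDXRef-File-libssl", "fileName": "/usr/lib/libssl.so.3"}],
  "relationships": [
    {"spdxElementId": "SPDXRef-DOCUMENT", "relationshipType": "DESCRIBES",
     "relatedSpdxElement": "SPDXRef-Package-openssl"},
    {"spdxElementId": "SPDXRef-Package-openssl", "relationshipType": "CONTAINS",
     "relatedSpdxElement": "SPDXRef-File-libssl"},
    {"spdxElementId": "SPDXRef-Package-openssl", "relationshipType": "CONTAINS",
     "relatedSpdxElement": "SPDXRef-File-missing"}
  ]
}
""")

# SPDX 2.x allows these placeholders instead of an element id as a target.
PLACEHOLDERS = {"NONE", "NOASSERTION"}


def known_ids(sbom, include_files=True):
    """Collect the element ids a relationship endpoint may refer to."""
    ids = {sbom["SPDXID"]}
    ids.update(p["SPDXID"] for p in sbom.get("packages", []))
    if include_files:  # False models an ingestor that skips the "files" section
        ids.update(f["SPDXID"] for f in sbom.get("files", []))
    return ids


def broken_relationships(sbom, include_files=True):
    """Return (source, type, target) for each relationship with an unresolved end."""
    ids = known_ids(sbom, include_files)
    broken = []
    for rel in sbom.get("relationships", []):
        src, dst = rel["spdxElementId"], rel["relatedSpdxElement"]
        if src not in ids or (dst not in ids and dst not in PLACEHOLDERS):
            broken.append((src, rel["relationshipType"], dst))
    return broken


if __name__ == "__main__":
    print("files ignored:", broken_relationships(SAMPLE_SBOM, include_files=False))
    print("files indexed:", broken_relationships(SAMPLE_SBOM, include_files=True))
```

With files skipped, the valid package-to-file edge is reported as broken alongside the genuinely dangling one; with files indexed, only the reference to the absent element remains.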