Just a friendly wrapper for getting the sbom for an image.
$ ./get-sbom cgr.dev/chainguard/busybox:latest | ./sbom-to-manifest
alpine-baselayout-data 3.6.5-r0
alpine-keys 2.4-r1
alpine-release 3.20.0-r0
busybox 1.36.1-r29
ca-certificates-bundle 20240226-r0
libcrypto3 3.3.0-r2
libssl3 3.3.0-r2
musl 1.2.5-r1
ssl_client 1.36.1-r29
or, same thing:
$ ./get-manifest cgr.dev/chainguard/busybox:latest