
Remove dedicated SBOM flag in favor of `-L` and friends

Open G-Rath opened this issue 6 months ago • 2 comments

The `--sbom` flag was introduced while we were still figuring out how to handle scanning in different contexts and stuff like resolving patterns to files (like with `requirements.txt`) rather than just 1:1 mappings.

Nowadays we shouldn't need a dedicated flag (in fact right now you can use `-L` instead of `-sbom` and get the same results), and it makes it hard to move forward with #1846 due to its slightly special-but-unneeded behaviour.

We should start by deprecating the `--sbom` flag in favor of `-L`, and go from there.

G-Rath avatar Jun 16 '25 02:06 G-Rath

This issue has not had any activity for 60 days and will be automatically closed in two weeks.

See https://github.com/google/osv-scanner/blob/main/CONTRIBUTING.md for how to contribute a PR if you're interested in helping out.

github-actions[bot] avatar Aug 21 '25 23:08 github-actions[bot]

Image

G-Rath avatar Aug 21 '25 23:08 G-Rath