please what does actually BOM/SBOM tool do in lift available through lift.sonatype.com?
I can see that
Bill Of Materials tool is executed during analysis, but I do not understand the results for this module.
I would expect that “bill of materials” will report list of dependencies used in the project, eventually with some more information.
In the build logs, there is just
Running V4 API tools Running Bill Of Materials Sanitizing repository Found 0 bugs in 37 seconds
What bugs does it look for?
Why there is 0 bugs, while lift integrated with maven-central shows multiple vulnerabilities.
What actually can I get or expect from this tool (
Bill Of Materials) on lift.sonatype.com? Is there available any output from this tool?