Try out SBOMs/SLSA/Scorecard documents from more sources

[lumjjb]

We've currently only tried our parser on outputs from Syft and SLSA of the k8s community. We encourage folks to try out new sources and different documents, the findings can be reported at #169 - also let us know which ones work well!

[tixu]

Is there a template to respond to this issue? I have tried sbom (format cyclonedx) into the tool it upload the nodes but not the root package and there is no associations. Do you want to limit your tool to OCI images & container? I think there is a lot of added value to have various language/ tools supported.

[pxp928]

Hey @tixu. Issue #169 does have a format defied that you can follow if you are having issues with the specific SBOM. #184 is related as we are currently using heuristics to parse the root package (in the case of an image). We will be increasing support for more artifacts in the near future.