diff --git a/README.md b/README.md index 39ed8073..4afbd2ca 100644 --- a/README.md +++ b/README.md @@ -113,15 +113,16 @@ use the `artifact-name` parameter: The main [SBOM action](action.yml), responsible for generating SBOMs and uploading them as workflow artifacts and release assets. -| Parameter | Description | Default | -| ------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | -| `path` | A path on the filesystem to scan. This is mutually exclusive to `image`. | \ | -| `image` | A container image to scan. This is mutually exclusive to `path`. See [Scan a container image](#scan-a-container-image) for more information. | | -| `registry-username` | The registry username to use when authenticating to an external registry | | -| `registry-password` | The registry password to use when authenticating to an external registry | | -| `artifact-name` | The name to use for the generated SBOM artifact. See: [Naming the SBOM output](#naming-the-sbom-output) | `sbom--.spdx.json` | -| `output-file` | The location to output a resulting SBOM | | -| `format` | The SBOM format to export. One of: `spdx`, `spdx-json`, `cyclonedx`, `cyclonedx-json` | `spdx-json` | +| Parameter | Description | Default | +| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `path` | A path on the filesystem to scan. This is mutually exclusive to `image`. | \ | +| `image` | A container image to scan. This is mutually exclusive to `path`. See [Scan a container image](#scan-a-container-image) for more information. | | +| `registry-username` | The registry username to use when authenticating to an external registry | | +| `registry-password` | The registry password to use when authenticating to an external registry | | +| `artifact-name` | The name to use for the generated SBOM artifact. See: [Naming the SBOM output](#naming-the-sbom-output) | `sbom--.spdx.json` | +| `output-file` | The location to output a resulting SBOM | | +| `format` | The SBOM format to export. One of: `spdx`, `spdx-json`, `cyclonedx`, `cyclonedx-json` | `spdx-json` | +| `dependency-snapshot` | Whether to upload the SBOM to the GitHub Dependency submission API | `false` | ### anchore/sbom-action/publish-sbom