chore: Update dependencies in Cargo.toml, Update README.md

Cargo.toml

@@ -15,7 +15,7 @@ colored = "2.1.0"
 clap-stdin = "0.5.1"
 
 [dev-dependencies]
-anyhow = "1.0.79"
-assert_cmd = "2.0.13"
-predicates = "3.0.4"
-pretty_assertions = "1.4.0"
+anyhow = "1.0.89"
+assert_cmd = "2.0.16"
+predicates = "3.1.2"
+pretty_assertions = "1.4.1"

README.md

@@ -8,18 +8,21 @@
 ## Table of Contents
 
 - [Overview](#overview)
+- [The importance of undetstanding supply chain attacks](#the-importance-of-undetstanding-supply-chain-attacks)
 - [Installation](#installation)
-- [Usage](#usage)
-- [Arguments](#arguments)
-- [Contributing](#contributing)
-- [License](#license)
+- [Example Usage](#example-usage)
+- [Application Arguments](#application-arguments)
+- [Troubleshooting](#troubleshooting)
+- [Credits](#credits)
 
 ## Overview
 
-`trustier` is an application that enriches CycloneDX Software Bill of Materials with activity, provenance, and activity information from [Trusty](https://trustypkg.dev).
+`trustier` is an application that parses a CycloneDX Software Bill of Materials and provides activity, provenance, and activity information from [Trusty](https://trustypkg.dev).
 
 The team at [Stacklok](https://stacklok.com) created [Trusty](https://trustypkg.dev) which they describe as a search for an open source packages to understand their trustworthiness based on activity, provenance, and more. Brought to you by the founders of projects such as Kubernetes and Sigstore.
 
+![](img/console.png)
+
 ## The importance of undetstanding supply chain attacks
 
 Supply chain attacks are crucial to address because they can compromise the integrity and security of software systems, even if an organization's proprietary code is secure. These attacks exploit vulnerabilities in the software supply chain, which includes third-party libraries, development tools, and other components used to build, test, deploy, and operate systems. [1]
@@ -56,11 +59,11 @@ Sources:
 
 ## Application Arguments
 
-| Argument               | Description                                                                                            |
-| ---------------------- | ------------------------------------------------------------------------------------------------------ |
-| `<SBOM>`               | The SBOM (Software Bill of Materials) to process. This argument is required.                           |
-| `--ratelimit <MS>`     | The time in milliseconds to pause before making requests to https://trustypkg.dev. Defaults to 500 ms. |
-| `--output_file <FILE>` | Optional file name to write JSON output to. If not provided, output will be printed to the console.    |
+| Argument               | Description                                                                                                 |
+| ---------------------- | ----------------------------------------------------------------------------------------------------------- |
+| `<SBOM>`               | The SBOM (Software Bill of Materials) to process. This argument is required.                                |
+| `--ratelimit <MS>`     | Optional time in milliseconds to pause before making requests to https://trustypkg.dev. Defaults to 500 ms. |
+| `--output_file <FILE>` | Optional file name to write JSON output to. If not provided, output will be printed to the console.         |
 
 ## Example Usage
 
@@ -73,8 +76,14 @@ trustier sbom_file.json --ratelimit 1000
 
 # Optional output_file argument
 trustier sbom_file.json --output_file output.json
+
+# Takes an SBOM from STDIN and outputs JSON without any console decoration
+cat sbom_file.json | trustier -
+
 ```
 
+![](img/output.png)
+
 ## Troubleshooting
 
 During testing, we found there were some required fields needed in the SBOM in order to be considered valid. Ensure at minimum you have the following fields in your components:
@@ -83,6 +92,8 @@ During testing, we found there were some required fields needed in the SBOM in o
 - `purl`
 - `type`
 
+__NOTE:__ `trustier` does not support SPDX formatted SBOMS at this time.
+
 ## Credits
 
 A big thank-you to our friends at [Flaticon](https://www.flaticon.com) for the `trustier` logo.