Support for SBOM Generation in pnpm

[jjh4450]

Description:
Hi pnpm team,

I'd like to inquire about potential plans for Software Bill of Materials (SBOM) support in pnpm. Many package managers, including npm with its npm sbom command, now provide capabilities to generate SPDX or CycloneDX reports - crucial tools for managing supply chain security, vulnerability assessments, and compliance requirements.

Given the growing significance of SBOM in the software development ecosystem, I'm particularly interested in learning about:

1. Plans for built-in SBOM generation functionality (comparable to npm sbom)
2. Potential integrations with established SBOM tools (e.g., CycloneDX)
3. Any current alternatives or recommended methods for generating SBOMs in pnpm projects

Looking forward to your insights on this topic. Thank you for maintaining such an excellent package manager! 🚀

[0mniteck]

I also would be very interested in SBOMs for pnpm this is an important feature of npm