Have a flag to generate a single BOM despite multiple package managers

[sbs2001]

Currently the tool generates BOM file for each detected package manager like bom-go-mod.spdx, bom-yarn.spdx etc.

On addition of this flag, say --merge, the tool shall produce only a output file.

This will make it easier for other tools to leverage this tool.

[sbs2001]

I guess for #263 , it makes sense to address this issue first ? wdyt @nishakm ? Let me know if the approach is good, I'll make a PR.

[nishakm]

I think the original idea was to generate the SBOM based on what packaging ecosystem the top level project is using. However, I can see a situation where multiple languages are used. I would first figure out how to provide a list of package managers and then generate a BOM containing all of it. Does this make sense?

[sbs2001]

@nishakm yes indeed. That’ll be a good starting point.