Add language tag to code blocks and correct indented code block

README.md

@@ -30,13 +30,13 @@ Please check the [CLI Reference](docs/sbom-tool-cli-reference.md) document for a
 
 ##### WinGet
 
-```sh
+```shell
 winget install Microsoft.SbomTool
 ```
 
 ##### Homebrew
 
-```bash
+```shell
 brew install sbom-tool
 ```
 

docs/building-from-source.md

@@ -37,7 +37,7 @@ A good new-user tutorial for Visual Studio is available at [this](https://www.yo
 
 In the user's shell of choice, ensure that the Dotnet SDK is installed and available on the `PATH` for the shell. Navigate to the root of the repository, then execute the following command for building the repository:
 
-```
+```shell
 dotnet build
 ```
 
@@ -53,13 +53,13 @@ The tool provides an osx-arm64 version of the tool. If you need to build one loc
 
 The following command will produce a dll that can be executed on ARM based devices running OSX and can be modified to suit your needs:
 
-```
- dotnet publish src/Microsoft.Sbom.Tool/Microsoft.Sbom.Tool.csproj --configuration Release --output bin --runtime osx-arm64 -p:TargetFramework=net8.0 -p:SelfContained=true -p:PublishSingleFile=true -p:IncludeNativeLibrariesForSelfExtract=true -p:IncludeAllContentForSelfExtract=true -p:DebugType=None
+```shell
+dotnet publish src/Microsoft.Sbom.Tool/Microsoft.Sbom.Tool.csproj --configuration Release --output bin --runtime osx-arm64 -p:TargetFramework=net8.0 -p:SelfContained=true -p:PublishSingleFile=true -p:IncludeNativeLibrariesForSelfExtract=true -p:IncludeAllContentForSelfExtract=true -p:DebugType=None
 ```
 
 After running this command you can execute the tool like this:
 
-```
+```shell
 ./bin/Microsoft.Sbom.Tool generate -b ~/tmp/sbom-tool/ -bc ~/tmp/sbom-tool/ -pn TestProject -pv 1.2.3 -ps Microsoft
 ```
 
@@ -75,7 +75,7 @@ Clone this repo.
 
 Build the docker image.
 
-```bash
+```shell
 git clone https://github.com/microsoft/sbom-tool
 cd sbom-tool
 docker build . -t ms_sbom_tool

docs/feature-overview.md

@@ -4,7 +4,7 @@
 
 The files section of the SBOM is generated by traversing and listing all the directories and files found the on the `BuildDropPath` provided to the tool. The tool uses this list of files and generates an SPDXID, a SHA1 hash, and a SHA256 hash. Here's an example:
 
-```
+```json
 "files": [
     {
       "fileName": "./sbom-tool-win-x64.exe",
@@ -53,7 +53,7 @@ Note: These are not the only entries found in the packages section. To view a fu
 
 Example:
 
-```
+```json
 "packages": [
     {
       "name": "Microsoft.VisualStudio.Threading.Analyzers",
@@ -80,7 +80,7 @@ Example:
 
 When the sbom-tool detects an SPDX2.2 SBOM inside of the project it's currently trying to generate an SBOM for, it will list it in the files section as well as add an entry to the `ExternalDocumentRefs` section of the SBOM. Here's an example:
 
-```
+```json
  "files": [
     {
       "fileName": "./manifest.spdx.json",
@@ -107,7 +107,7 @@ When the sbom-tool detects an SPDX2.2 SBOM inside of the project it's currently
  ]
 ```
 
-```
+```json
 "externalDocumentRefs": [
     {
       "externalDocumentId": "DocumentRef-TEST.GIT-bd801c3b7553a08b6874d6bc129203c5a8a95a04-f3bca9cb-67f5-1320-d17e-188a244fc472-1.0-9e563530c733c814fc04ff5c61d8dc9fb4fd29cb",
@@ -124,7 +124,7 @@ When the sbom-tool detects an SPDX2.2 SBOM inside of the project it's currently
 
 At the end of the SBOM you can find some additional properties that can be used as metadata to describe the SBOM itself. Here's an example of what these properties look like:
 
-```
+```json
  "spdxVersion": "SPDX-2.2",
   "dataLicense": "CC0-1.0",
   "SPDXID": "SPDXRef-DOCUMENT",

docs/sbom-tool-api-reference.md

@@ -12,7 +12,7 @@ Users can use the C#-based SBOM API for calling the SBOM tool. This guide is int
 
 Add a reference to the [Microsoft.Sbom.Api](https://www.nuget.org/packages/Microsoft.Sbom.Api) package configuration by utilizing the steps posted to [here](https://www.nuget.org/packages/Microsoft.Sbom.Api).  A sample `.csproj` file" is:
 
-```
+```xml
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <TargetFramework>net8.0</TargetFramework>
@@ -126,7 +126,6 @@ Assert.Equal("2.2", specifications.First().Version);
 Each SBOM specification has a list of the required hash algorithms for generating each package and file. This handy API provides the user with that list of hashing algorithms.
 
 ```C#
-
 var algorithms = generator.GetRequiredAlgorithms(spdx22Specification);
 
 Assert.True(algorithms.Count() == 2);

docs/sbom-tool-cli-reference.md

@@ -22,7 +22,7 @@ dotnet build --output c:\outputDrop
 
 Now the user can generate a SBOM for the above project by running the tool they just downloaded:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com
 ```
 
@@ -51,7 +51,7 @@ The above list contains the minimum mandatory parameters that the user needs to
 
 By default, the tool will generate SBOM file in a newly created subfolder called `_manifest` inside the BuildDropPath (-b).  In case the user wants to place the SBOM in a different path, specify the `ManifestDirPath -m` parameter, e.g.:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -m c:\sboms
 ```
 
@@ -63,35 +63,35 @@ This command will cause the SBOM tool to generate the SBOM inside the `c:\sboms`
 
 The user can specify verbose logging just by specifying the -V parameter, e.g:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -V Verbose
 ```
 
 ### Scan docker images for dependency packages
 
 Users can scan docker images in order to determine dependency packages.  In this scenario, the user wants to gather dependencies from the docker image `testImage:0.0.1`.  The user can run the following command:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -di testImage:0.0.1
 ```
 
 In addition to the test image, the user may also want to gather all dependencies in a build machine named `ubuntu:1.9`.  The command can specify multiple image arguments for this parameter by separating them with a comma:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -di testImage:0.0.1,ubuntu:1.9
 ```
 
 The arguments for `-b` and `-bc` will specify the path that the tool will scan. For example, the user can generate an SBOM for only the dependency packages of the Docker image with the command:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -m c:\outputPath -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -di testImage:0.0.1
 ```
 
 `-m` provides the user-defined path for generating the SBOM. The tool will generate a new `_manifest\spdx_2.2` subfolder which will hold the SBOM file created during this run. The files section for these parameters will be empty as this run will only scan for the dependency packages of the image.
 
 In order to scan a path to populate the files section of the SBOM, the user can run the following command:
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -m c:\outputPath -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -di testImage:0.0.1
 ```
 
@@ -100,29 +100,29 @@ In order to scan a path to populate the files section of the SBOM, the user can
 You can exclude directories from the component scan by specifying the `-cd` parameter you can pass arguments directly to Component Detection. One of these arguments is `--DirectoryExclusionList`  Filters out specific directories following a minimatch pattern from the component scan which will leave
 the contents of these directories out of the packages section of the SBOM. For example, if you wanted to exclude the `bin` directory from the component scan you would run the following command
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -cd "--DirectoryExclusionList **/bin/**"
 ```
 
 You can give multiple exclusion patterns by repeating the `--DirectoryExclusionList` argument. (Note that minimatch combines like `**/bin/**|**/obj/**` won't work):
 
-```
+```shell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -cd "--DirectoryExclusionList **/bin/** --DirectoryExclusionList **/obj/**"
 ```
 
 ### Write telemetry to a file
 
 By default, users commonly log telemetry to the console output. In order to log the telemetry as part of the SBOM file, specify the `-t` parameter:
 
-```
+```powershell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -t c:\telemetry
 ```
 
 ## Validating an SBOM
 
 With a SBOM file in hand, use the tool to validate the output file with the command:
 
-```
+```shell
 ./sbom-tool-win-x64.exe validate -b c:\outputDrop -o c:\validationOutputPath\output.json -mi SPDX:2.2
 ```
 
@@ -140,20 +140,20 @@ Currently only SPDX2.2 is supported.
 
 If the original command created the SBOM files with the following parameters:
 
-```
+```powershell
 ./sbom-tool-win-x64.exe generate -b c:\outputDrop -bc c:\Users\test\TestProject -pn TestProject -pv 1.0.0 -ps MyCompany -nsb http://mycompany.com -m c:\sboms
 ```
 
 Then the SBOM will not be located at the default location. In order to allow the tool to validate the SBOM at the different location, the user must provide the path to the `_manifest` subfolder that was created in that directory:
 
-```
+```powershell
 ./sbom-tool-win-x64.exe validate -b c:\outputDrop -o c:\validationOutputPath\output.json -mi SPDX:2.2 -m c:\sboms\_manifest
 ```
 
 ### Additional parameters
 
 Verbose logging and writing telemetry to a file will function in the same way they do when generating an SBOM. Here is an example of using both parameters when validating and SBOM:
 
-```
+```powershell
 ./sbom-tool-win-x64.exe validate -b c:\outputDrop -o c:\validationOutputPath\output.json -mi SPDX:2.2 -t c:\telemetry -V verbose
 ```

src/Microsoft.Sbom.Targets/README.md

@@ -1,9 +1,13 @@
 # SBOM Generation for .NET Projects
+
 ## Microsoft.Sbom.Targets
+
 This project implements a custom MSBuild task that generates an SBOM using the SBOM API and CLI tool. The MSBuild task binaries along with the associated targets are packaged as a NuGet package and can be consumed within a .NET project. Once installed, an SBOM will automatically be generated upon packing the .NET project.
 
 ## MSBuild Task Implementation
+
 The custom MSBuild task is implemented across the following partial classes:
+
 - `GenerateSbom.cs`
 - `GenerateSbomTask.cs`
 - `SbomCLIToolTask.cs`
@@ -18,36 +22,40 @@ Due to differences in [MSBuild versions](https://learn.microsoft.com/en-us/visua
 Finally, the `Microsoft.Sbom.Targets.targets` file creates a target that will execute the custom MSBuild task. This file will be automatically imported when consuming the NuGet package.
 
 ## SBOM Generation Properties
+
 The custom MSBuild task accepts most of the arguments available for the [SBOM CLI Tool](../../docs/sbom-tool-arguments.md). After the .targets file is imported into a .NET project, the following properties can be set:
 
 | Property | Default Value | Required |
 |-----------------------------------------------------|-------------|---------|
 | `<GenerateSBOM>`                                    | `false`     | No. To enable SBOM generation, set this to true. |
-| `<SbomGenerationBuildComponentPath>`                | `$(MSBuildProjectDirectory)` | No | 
-| `<SbomGenerationPackageSupplier>`                   | `$(Authors)`. If `$(Authors)` is null, it will set `$(AssemblyName)`     | Yes | 
-| `<SbomGenerationPackageName>`                       | `$(PackageId)`. If `$(PackageId)` is null, it will set `$(AssemblyName)` | Yes | 
-| `<SbomGenerationPackageVersion>`                    | `$(Version)`. If `$(Version)` is null, it will set "1.0.0"               | Yes | 
-| `<SbomGenerationNamespaceBaseUri>`                  | `http://spdx.org/spdxdocs/$(SbomGenerationPackageName)`                  | Yes | 
-| `<SbomGenerationNamespaceUriUniquePart>`            | N/A | No | 
-| `<SbomGenerationExternalDocumentReferenceListFile>` | N/A | No | 
-| `<SbomGenerationFetchLicenseInformation>`           | `false` | No | 
-| `<SbomGenerationEnablePackageMetadataParsing>`      | `false` | No | 
-| `<SbomGenerationVerbosity>`                         | `Information` | No | 
-| `<SbomGenerationManifestInfo>`                      | `SPDX:2.2` | No | 
-| `<SbomGenerationDeleteManifestDirIfPresent>`        | `true` | No | 
+| `<SbomGenerationBuildComponentPath>`                | `$(MSBuildProjectDirectory)` | No |
+| `<SbomGenerationPackageSupplier>`                   | `$(Authors)`. If `$(Authors)` is null, it will set `$(AssemblyName)`     | Yes |
+| `<SbomGenerationPackageName>`                       | `$(PackageId)`. If `$(PackageId)` is null, it will set `$(AssemblyName)` | Yes |
+| `<SbomGenerationPackageVersion>`                    | `$(Version)`. If `$(Version)` is null, it will set "1.0.0"               | Yes |
+| `<SbomGenerationNamespaceBaseUri>`                  | `http://spdx.org/spdxdocs/$(SbomGenerationPackageName)`                  | Yes |
+| `<SbomGenerationNamespaceUriUniquePart>`            | N/A | No |
+| `<SbomGenerationExternalDocumentReferenceListFile>` | N/A | No |
+| `<SbomGenerationFetchLicenseInformation>`           | `false` | No |
+| `<SbomGenerationEnablePackageMetadataParsing>`      | `false` | No |
+| `<SbomGenerationVerbosity>`                         | `Information` | No |
+| `<SbomGenerationManifestInfo>`                      | `SPDX:2.2` | No |
+| `<SbomGenerationDeleteManifestDirIfPresent>`        | `true` | No |
 
 ## Local SBOM Generation Workflow
+
 After building the Microsoft.Sbom.Targets project, it will generate a NuGet package containing the MSBuild task's binaries and associated .targets file in the `bin\$(Configuration)` folder. The following steps describe how to consume this NuGet package and generate an SBOM:
 
 1) Create a sample .NET project.
 2) Open the project's NuGet package manager.
-3) Add the path to the Microsoft.Sbom.Targets NuGet package as a package source. You can name it "Local". 
-4) Look for the Microsoft.Sbom.Targets package within the package manager and install it. 
+3) Add the path to the Microsoft.Sbom.Targets NuGet package as a package source. You can name it "Local".
+4) Look for the Microsoft.Sbom.Targets package within the package manager and install it.
 5) Add the following to your sample project's .csproj file:
-```
-<PropertyGroup>
-  <GenerateSBOM>true</GenerateSBOM>
-</PropertyGroup>
-```
+
+    ```xml
+    <PropertyGroup>
+      <GenerateSBOM>true</GenerateSBOM>
+    </PropertyGroup>
+    ```
+
 6) Build the sample project.
 7) Pack the sample project. The SBOM will be generated under the `_manifest` folder at the root of the NuGet package.