Refine workflow

Signed-off-by: tdruez <[email protected]>

Author: tdruez

.github/workflows/sca-integration-osv-scanner.yml

@@ -1,7 +1,7 @@
 name: Generate SBOM with OSV-Scanner and load into ScanCode.io
 
 # This workflow:
-#  1. Generates a CycloneDX SBOM for a container image using OWASP dep-scan.
+#  1. Generates a CycloneDX SBOM for a container image using OSV-Scanner.
 #  2. Uploads the SBOM as a GitHub artifact for future inspection.
 #  3. Loads the SBOM into ScanCode.io for further analysis.
 #  4. Runs assertions to verify that the SBOM was properly processed in ScanCode.io.
@@ -13,10 +13,6 @@ on:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
     - cron: "0 0 * * 0"
-  pull_request:
-  push:
-    branches:
-      - main
 
 permissions:
   contents: read

docs/faq.rst

@@ -376,10 +376,10 @@ are actively supported and tested::
   - Anchore: https://anchore.com/sbom/
   - CycloneDX cdxgen: https://cyclonedx.github.io/cdxgen/
   - OWASP dep-scan: https://owasp.org/www-project-dep-scan/
-  - SBOM tool: https://github.com/microsoft/sbom-tool
-  - Trivy: https://trivy.dev/latest/
+  - SBOM tool: https://github.com/microsoft/sbom-tool/
+  - Trivy: https://trivy.dev/
   - OSV-Scanner: https://osv.dev/
 
 .. note:: Imported SBOMs must follow the SPDX or CycloneDX standards, in JSON format.
-   You can use the ``load-sbom`` pipeline to process and enhance these SBOMs in your
+   You can use the ``load_sbom`` pipeline to process and enhance these SBOMs in your
    ScanCode.io projects.