py-sbom adds file hash to dependencies by default if syft >= 1.20
It's making the sbom needlessly large without providing value, we should disable it by default
It's making the sbom needlessly large without providing value, we should disable it by default