Government-mandated SBOMs to throw light on software supply chain security