From 5cc0b90d0ea0b312c39009c1d91cdab2f98e01b5 Mon Sep 17 00:00:00 2001 From: Prabhu Subramanian Date: Fri, 27 Oct 2023 12:07:44 +0100 Subject: [PATCH] Update docs Signed-off-by: Prabhu Subramanian --- docs/ADVANCED.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/ADVANCED.md b/docs/ADVANCED.md index 3c11d6ee9..58f933918 100644 --- a/docs/ADVANCED.md +++ b/docs/ADVANCED.md @@ -156,13 +156,13 @@ To generate an SBOM with evidence for a java project. evinse -i bom.json -o bom.evinse.json ``` -By default, only occurrence evidences are determined by creating usages slices. To generate callstack evidence, pass either `--with-data-flow` or `--with-reachables`. +By default, only occurrence evidence is determined by creating usages slices. To generate callstack evidence, pass either `--with-data-flow` or `--with-reachables`. #### Reachability-based call stack evidence atom supports reachability-based evidence generation for Java, JavaScript, and TypeScript applications. Reachability refers to data flows that originate from entry points (sources) ending at a sink (which are invocations to external libraries). The technique used is called "Forward-Reachability". -Two necessary prerequisites for this slicing mode are that the input SBOM must be generated with cdxgen and in deep mode (only for java, jars type) and must be placed within the application directory. +Two necessary prerequisites for this slicing mode are that the input SBOM must be generated with cdxgen and in deep mode (only for java, jars, python type) and must be placed within the application directory. ```shell cd @@ -170,6 +170,12 @@ cdxgen -t java --deep -o bom.json . evinse -i bom.json -o bom.evinse.json -l java --with-reachables . ``` +```shell +cd +cdxgen -t python --deep -o bom.json . +evinse -i bom.json -o bom.evinse.json -l python --with-reachables . +``` + For JavaScript and TypeScript applications, deep mode is optional. ```shell 
@@ -202,6 +208,12 @@ For JavaScript or TypeScript projects, pass `-l javascript`. evinse -i bom.json -o bom.evinse.json --usages-slices-file usages.json --data-flow-slices-file data-flow.json -l javascript --with-data-flow ``` +For Python with cached usages and reachables file. + +```shell +evinse -i bom.json -o bom.evinse.json --usages-slices-file usages.json --reachables-slices-file reachables.json -l python --with-reachables +``` + ## Generate SBOM from maven or gradle cache There could be Java applications with complex dependency requirements. Or you might be interested in cataloging your Maven or gradle cache.
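Review bot: In the first hunk (@@ -156,13 +156,13), the unchanged sentence under "Reachability-based call stack evidence" still reads "atom supports reachability-based evidence generation for Java, JavaScript, and TypeScript applications", while the same hunk adds python to the prerequisites and a Python command block. The supported-language sentence should gain Python in this patch. The reworded prerequisite "(only for java, jars, python type)" is also ambiguous about whether it qualifies deep mode or the whole requirement; consider wording along the lines of "deep mode is required for the java, jars and python types". The new Python block follows the Java block with nothing between the two fences; a one-line lead-in such as "For Python applications:" would match how the JavaScript and TypeScript block is introduced by "For JavaScript and TypeScript applications, deep mode is optional."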
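Review bot: In the second hunk (@@ -202,6 +208,12), the added lead-in "For Python with cached usages and reachables file." is a sentence fragment and refers to two files in the singular. Something like "For Python projects with cached usages and reachables slices files, pass `-l python`." would match the preceding "For JavaScript or TypeScript projects, pass `-l javascript`." This is also the first appearance of `--reachables-slices-file` in the lines shown, and nothing visible here says how reachables.json is produced, so a pointer to the step that generates it would help readers. Unlike the `--with-reachables` commands in the first hunk, this command has no trailing `.` argument; the docs should state whether the application directory can be omitted when both slices files are supplied.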