update readme

Author: anthony-nhs

README.md

@@ -186,10 +186,10 @@ Check targets (`check.mk`)
 - `grype-scan-json` - Uses grype to scan for vulnerabilities. Uses an sbom generated by `syft-generate-sbom` target to find dependencies. Outputs file to .sbom/grype_analysis.json
 - `grype-scan-json-dev-dependencies` - Uses grype to scan for vulnerabilities. Uses an sbom generated by `syft-generate-sbom-dev-dependencies` target to find dependencies. Outputs file to .sbom/grype_analysis.dev.json
 - `grype-scan-local` - Uses grype to scan local folders for vulnerabilities. This is installed as a pre-commit hook in each project.
-- `grant-scan` - Uses scan to check for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom` target to find dependencies.
-- `grant-scan-dev-dependencies` - Uses scan to check for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom-dev-dependencies` target to find dependencies.
-- `grant-scan-json` - Uses scan to check for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom` target to find dependencies. Outputs file to .sbom/grant_analysis.json
-- `grant-scan-json-dev-dependencies` - Uses scan to check for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom-dev-dependencies` target to find dependencies. Outputs file to .sbom/grant_analysis.dev.json
+- `grant-scan` - Uses grant to scan for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom` target to find dependencies.
+- `grant-scan-dev-dependencies` - Uses grant to scan for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom-dev-dependencies` target to find dependencies.
+- `grant-scan-json` - Uses grant to scan for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom` target to find dependencies. Outputs file to .sbom/grant_analysis.json
+- `grant-scan-json-dev-dependencies` - Uses grant to scan for possible incompatible licenses. Uses an sbom generated by `syft-generate-sbom-dev-dependencies` target to find dependencies. Outputs file to .sbom/grant_analysis.dev.json
 
 Credentials targets (`credentials.mk`)
 - `aws-configure` - configures an AWS SSO session
@@ -217,12 +217,12 @@ We use tools from [anchore](https://oss.anchore.com/docs/projects/) for various
 This is used to generate SBOM (software bill of materials) for dependencies. 
 There are makefile targets defined that run with most common settings we need. There should be no need to modify any configuration files for use
 
-# grype
+## grype
 This scans for known vulnerabilities.   
 There are several makefile targets defined that can be used to run this - either outputting to console, or to a json file. It can also run for just runtime dependencies or include dev dependencies.   
 You may need to create a `.grype.yaml` with known accepted vulnerabilities in a project while we are waiting for downstream dependencies to update. Details of how to do this are documented at https://oss.anchore.com/docs/guides/vulnerability/filter-results/#ignore-specific-vulnerabilities-or-packages
 
-# grant
+## grant
 This scans for incompatible licenses in dependencies.
 There are several makefile targets defined that can be used to run this - either outputting to console, or to a json file. It can also run for just runtime dependencies or include dev dependencies.   
 There is a default .grant.yaml file placed in home directories of devcontainers that lists acceptable licenses and known packages where the scanner incorrectly identified a license for a dependency.