# | NTIA-minimum-elements | Score: 7.1 | Learn More |
---|---|---|---|
1 | Components of the SBOM include a name field |
10.0
|
- |
2 | SBOM includes the name of the author(s) |
10.0
|
- |
3 | Components of the SBOM include a supplier name |
0.0
|
|
4 | SBOM includes the timestamp of its creation |
10.0
|
- |
5 | SBOM includes a relationship among components |
0.0
|
|
6 | Components of the SBOM include a version field |
10.0
|
- |
7 | Components of the SBOM include a unique identifier |
10.0
|
- |
# | Semantic | Score: 0.4 | Learn More |
---|---|---|---|
1 | SBOM includes all the required field specified by the specification |
0.0
|
|
2 | Components of the SBOM include a checksum value |
0.0
|
|
3 | Components of the SBOM include a license name |
1.2
|
# | Quality | Score: 8.2 | Learn More |
---|---|---|---|
1 | Components of the SBOM include value for its primary purpose |
10.0
|
- |
2 | Components of the SBOM do not include any restricted license |
10.0
|
- |
3 | Components of the SBOM include a valid SPDX license |
1.2
|
|
4 | Components of the SBOM include multiple vulnerability lookup identifiers (CPE and PURL) |
10.0
|
|
5 | Compoents of the SBOM do not include any deprecated license |
10.0
|
- |
# | Structural | Score: 10.0 | Learn More |
---|---|---|---|
1 | SBOM file is successfully parsed |
10.0
|
- |
2 | SBOM file is in a supported version of the specification |
10.0
|
- |
3 | SBOM file is in a supported specification: CycloneDX, SPDX |
10.0
|
- |
4 | SBOM file is in a specification supported format |
10.0
|
- |
# | Sharing | Score: 0.0 | Learn More |
---|---|---|---|
1 | SBOM file has an unencumbered license |
0.0
|