Outcomes of Importing SBOM Data
Importing SBOM (Software Bill of Materials) data into a Code Insight project in the .json (complying with either the CycloneDX or SPDX (Software Package Data Exchange) standard), .xml (complying with the CycloneDX standard), or .spdx (complying with the SPDX standard) file format, and then scanning it, results in the following major outcomes:
• All inventory items are generated without file associations in the Associated Files tab, both on the Project Inventory Details pane and on the Inventory Details pane in the Analysis Workbench.
• All inventory items are generated with the N/A value in the Relationship field in the Inventory Details tab on the Project Inventory Details pane.
• All inventory items are generated with their forge name and purl value in the Detection Notes field in the Notes & Guidance tab on the Project Inventory Details pane.
• All inventory items are generated without their Custom version related information if they originate from the Debian, Alpine, CentOS, or Fedora forges.