Data Relationships
The following traces the relationship of SBOM parts to Revenera’s internal data collection library.
|
•
|
The Revenera Data Library is indexed and made available to both SBOM Insights and end users. The indexed data includes the component, license, and vulnerability data along with all the relationships between these entities. This data is read-only and globally available across all SBOM Insights Organizations. |
|
•
|
Catalog items are an abstraction of unique combinations of a component version, selected licenses, and associated security vulnerabilities. Catalog items are shared across multiple SBOM parts. |
|
•
|
SBOM parts represent specific instances of catalog items within specific buckets. Additional attributes include associated files, third-party notices data, and instance-specific notes. |