Key | Value |
---|---|
Tool |
Vendor: OWASP Foundation Name: CycloneDX Maven plugin Version: 2.7.9 |
Component |
bom-ref: pkg:maven/org.apache.pulsar/pulsar@3.1.0-SNAPSHOT?type=pom Type: library Name: pulsar purl: pkg:maven/org.apache.pulsar/pulsar@3.1.0-SNAPSHOT?type=pom |
# | Description | Score | Score Progress |
---|---|---|---|
1 | provided sbom is in a supported sbom format of spdx,cyclonedx | 10.0 |
|
2 | provided sbom should be in supported spec version for spec:1.4 and versions: 1.0,1.1,1.2,1.3,1.4 | 10.0 |
|
3 | provided sbom should be in supported file format for spec: json and version: json,xml | 10.0 |
|
4 | provided sbom is parsable | 10.0 |
|
# | Description | Score | Score Progress |
---|---|---|---|
1 | 0/1032 have supplier names | 0.0 |
|
2 | 1032/1032 have names | 10.0 |
|
3 | 1032/1032 have versions | 10.0 |
|
4 | 1032/1032 have unique ID's | 10.0 |
|
5 | doc has 4003 relationships | 10.0 |
|
6 | doc has 1 authors | 10.0 |
|
7 | doc has creation timestamp | 0.0 |
|
# | Description | Score | Score Progress |
---|---|---|---|
1 | Doc Fields:true Pkg Fields:true | 10.0 |
|
2 | 980/1032 have licenses | 9.5 |
|
3 | 892/1032 have checksums | 8.6 |
|
# | Description | Score | Score Progress |
---|---|---|---|
1 | 980/1032 components with valid license | 9.5 |
|
2 | 1032/1032 components have primary purpose specified | 10.0 |
|
3 | 32/1032 components have deprecated licenses | 9.7 |
|
4 | 0/1032 components have restricted licenses | 10.0 |
|
5 | 1032/1032 components have any lookup id | 10.0 |
|
6 | 0/1032 components have multiple lookup id | 0.0 |
|
7 | 1/1 tools have creator and version | 10.0 |
|
# | Description | Score | Score Progress |
---|---|---|---|
1 | doc has a sharable license free 0 :: of 0 | 0.0 |
|