| Key | Value |
|---|---|
| Tool |
Vendor: OWASP Foundation Name: CycloneDX Maven plugin Version: 2.7.9 |
| Component |
bom-ref: pkg:maven/org.apache.pulsar/pulsar@3.1.0-SNAPSHOT?type=pom Type: library Name: pulsar purl: pkg:maven/org.apache.pulsar/pulsar@3.1.0-SNAPSHOT?type=pom |
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | provided sbom is in a supported sbom format of spdx,cyclonedx | 10.0 |
|
| 2 | provided sbom should be in supported spec version for spec:1.4 and versions: 1.0,1.1,1.2,1.3,1.4 | 10.0 |
|
| 3 | provided sbom should be in supported file format for spec: json and version: json,xml | 10.0 |
|
| 4 | provided sbom is parsable | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | 0/1032 have supplier names | 0.0 |
|
| 2 | 1032/1032 have names | 10.0 |
|
| 3 | 1032/1032 have versions | 10.0 |
|
| 4 | 1032/1032 have unique ID's | 10.0 |
|
| 5 | doc has 4003 relationships | 10.0 |
|
| 6 | doc has 1 authors | 10.0 |
|
| 7 | doc has creation timestamp | 0.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | Doc Fields:true Pkg Fields:true | 10.0 |
|
| 2 | 980/1032 have licenses | 9.5 |
|
| 3 | 892/1032 have checksums | 8.6 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | 980/1032 components with valid license | 9.5 |
|
| 2 | 1032/1032 components have primary purpose specified | 10.0 |
|
| 3 | 32/1032 components have deprecated licenses | 9.7 |
|
| 4 | 0/1032 components have restricted licenses | 10.0 |
|
| 5 | 1032/1032 components have any lookup id | 10.0 |
|
| 6 | 0/1032 components have multiple lookup id | 0.0 |
|
| 7 | 1/1 tools have creator and version | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | doc has a sharable license free 0 :: of 0 | 0.0 |
|