| Key | Value |
|---|---|
| Timestamp | 2024-05-07T16:44:48+00:00 |
| Signature | unsigned |
| Tool |
Vendor: aquasecurity Name: trivy Version: 0.50.4 |
| Component |
bom-ref: b6c02c34-cb18-4c75-984c-a02c7f515d68 Type: application Name: https://github.com/apache/pulsar Properties:
OpenSSF Scorecard: 7.2 / 10 |
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | provided sbom is in a supported sbom format of spdx,cyclonedx | 10.0 |
|
| 2 | provided sbom should be in supported spec version for spec:1.5 and versions: 1.0,1.1,1.2,1.3,1.4,1.5 | 10.0 |
|
| 3 | provided sbom should be in supported file format for spec: json and version: json,xml | 10.0 |
|
| 4 | provided sbom is parsable | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | 0/4832 have supplier names | 0.0 |
|
| 2 | 4832/4832 have names | 10.0 |
|
| 3 | 4695/4832 have versions | 9.7 |
|
| 4 | 4832/4832 have unique ID's | 10.0 |
|
| 5 | doc has 3845 relationships | 10.0 |
|
| 6 | doc has 1 authors | 10.0 |
|
| 7 | doc has creation timestamp 2024-05-07T16:44:48+00:00 | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | Doc Fields:true Pkg Fields:true | 10.0 |
|
| 2 | 4332/4832 have licenses | 9.0 |
|
| 3 | 0/4832 have checksums | 0.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | 662/4832 components with valid license | 1.0 |
|
| 2 | 4832/4832 components have primary purpose specified | 10.0 |
|
| 3 | 1/4832 components have deprecated licenses | 10.0 |
|
| 4 | 530/4832 components have restricted licenses | 8.9 |
|
| 5 | 4695/4832 components have any lookup id | 9.7 |
|
| 6 | 0/4832 components have multiple lookup id | 0.0 |
|
| 7 | 1/1 tools have creator and version | 10.0 |
|
| 8 | primary component found | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | doc has a sharable license free 0 :: of 0 | 0.0 |
|