Import Binaries

👍

Enterprise Feature

This feature is only available in a FOSSA Enterprise subscription. Contact [email protected] for more details.

New Binary Decomposition

Once logged in, you are ready to import your Binary project(s).
From the Add Projects page, you have the option to Decompose Binary

Supported Formats


File Type (mime type)File ExtensionN-Day / SBOM
AnalyzableAndroid Dex.dex
AnalyzableAndroid ODEx.odex
ArchiveAR.a, .ar, .deb, .lib
Archivearj.arj
Archivebzip2.bz2, .tbz, .tbz2
ArchiveCab.cab, .msu
ArchiveCompound types.msi, .msp
ArchiveCpio.cpio
Archivecramfs.cramfs
ArchiveDocker container.tar.gz
ArchiveExt2.ext2
ArchiveExt3.ext3
ArchiveExt4.ext4
ArchiveFAT.fat
ArchiveGZIP.gz
ArchiveHuLinux.hfs, .hfsx
ArchiveJar.jar, .war, .ear
ArchiveLZ4.lz4
ArchiveLzip.lz
ArchiveLZMA.lzma
ArchiveLZOP.lzo
ArchiveMach.mach
ArchiveNTFS.ntfs
ArchiveRPM.rpm
ArchiveRAR.rar
ArchiveRoff.man, .roff
ArchiveRPM DB.rpmdb
ArchiveRPM sign.sig
ArchiveSFS.sfs
ArchiveSquashFS.sqsh, .squashfs, .sfs, .sqf, .sqfs, .sqs, .squ
ArchiveTar.tar, .ova
Archiveupx.upx
ArchiveVMDK.vmdk
AnalyzableWindows dynamic linked library (application/x-dosexec).dll
AnalyzableWindows executable (application/x-dosexec).exe
ArchiveWindows Image Format.wim, .swmnote
AnalyzableWindows object file.obj
AnalyzableWindows registry hive**
AnalyzableWindows UWP/AppX package manifestAppxManifest.xml
ArchiveXar.xar, .pkg
ArchiveXz.xz, .txz
ArchiveZIP.zip, .ipa, .xpi, .vsix, .whl, .apk
Archive7z.7z
AnalyzableFirmware filesFile Formats: SREC, bFLT, base64, Intel HEX, uBoot, wim
File Systems: JFFS2 (.img and .jffs2), romfs, yaffs2, ubifs

Each new revision is carried out on a single uploaded file (artifact): either a binary, or an archive.

Maximum file sizes are as follows.

  • ISO files containing uncompressed data up to 40GB (where 1 GB = 1,073,741,824 bytes - note that the user interface displays file sizes in base-2 format).
  • Archive file types with compressed data (whether uploaded directly or extracted from an archive): up to 7GB.
    Uploads via the user interface must complete within 2 hours, otherwise the upload will fail.
  • Analysis target (whether uploaded directly or extracted from an archive): 200 MB.

Archive files may contain any combination of archive file types and analyzable binary file types.

  • Only ZIP files using standard 'deflate' or 'store' compression methods are supported. Use standard system zip utilities in preference to WinZip and similar tools.
  • FOSSA will respect permissions set on objects in the archive: make sure all files and directories are readable by all users.
  • The combined size of an archive file and its expanded contents must not exceed 17.5 GB.
  • Do not use encrypted ZIP files.
  • The maximum directory depth is 400. After this limit, files and directories will be omitted.
  • Archive file extensions must be as shown. If necessary, rename your archive file before uploading.
  • Analyzable binary file names do not require a specific extension. However, they cannot have a file extension that would normally be associated with a nonexecutable file.

Next, select Add Files and select your desired SBOM file (.json or .xml) to import

📘

Tip

Bulk Binary import is supported, select as many files as desired

Add a unique name and applicable semantic version number

🚧

Note

Providing an existing Binary project name will add the Binary as the latest revision to the existing Binary project.

Once uploading and analyzing the file is complete you will see your Binary appear in your Projects list. You may choose to use the Binary Decomposition project filter to quickly filter to your existing binary projects.

1630

Project List

📘

Tip

Notice all Binary projects will have the Binary Decomposition icon denoted next to them

You may choose to upload a new binary as a new revision to any Binary project.