Import SBOMs

👍

Enterprise Feature

This feature is only available in a FOSSA Enterprise subscription. Contact [email protected] for more details.

New SBOM Import

Once logged in, you are ready to import your SBOM project(s).
From the Add Projects page, you have the option to Import SBOM (CycloneDX, SPDX).

📘

Tip

Imports must comply with one of the following specifications, in JSON or XML format:

  • CycloneDX specification v1.2, v1.3, v1.4, v1.5
  • SPDX 2.2+, 2.3
    • For SPDX there are two requirements:
      • a DESCRIBES relationshipType in the relationships section for the top-level project
      • the DEPENDS_ON relationshipTypes in the relationships section
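
A pre-upload check for the requirements in this tip, as an added example (not FOSSA's code or its validation logic). It covers JSON files only; `preflight` and the sample document are constructed for illustration, and reading "SPDX 2.2+, 2.3" as the `SPDX-2.2` and `SPDX-2.3` version strings is an assumption.

```python
import json

# Versions taken from the import requirements listed in the tip.
CYCLONEDX_VERSIONS = {"1.2", "1.3", "1.4", "1.5"}
# Assumption: "SPDX 2.2+, 2.3" is read as these two spdxVersion strings.
SPDX_VERSIONS = {"SPDX-2.2", "SPDX-2.3"}
REQUIRED_SPDX_RELATIONSHIPS = ("DESCRIBES", "DEPENDS_ON")


def preflight(text):
    """Return a list of problems; an empty list means every check passed."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict):
        return ["top-level JSON value is not an object"]

    if doc.get("bomFormat") == "CycloneDX":
        version = doc.get("specVersion")
        if version not in CYCLONEDX_VERSIONS:
            return [f"unsupported CycloneDX specVersion: {version!r}"]
        return []

    if "spdxVersion" in doc:
        problems = []
        if doc["spdxVersion"] not in SPDX_VERSIONS:
            problems.append(f"unsupported spdxVersion: {doc['spdxVersion']!r}")
        rels = doc.get("relationships")
        rels = rels if isinstance(rels, list) else []
        seen = {r.get("relationshipType") for r in rels if isinstance(r, dict)}
        for required in REQUIRED_SPDX_RELATIONSHIPS:
            if required not in seen:
                problems.append(f"no {required} relationship in 'relationships'")
        return problems

    return ["neither a CycloneDX nor an SPDX JSON document"]


# Constructed sample: an SPDX 2.3 document with no DEPENDS_ON relationships.
SAMPLE = json.dumps({
    "spdxVersion": "SPDX-2.3",
    "relationships": [{
        "spdxElementId": "SPDXRef-DOCUMENT",
        "relationshipType": "DESCRIBES",
        "relatedSpdxElement": "SPDXRef-Package-app",
    }],
})

if __name__ == "__main__":
    print(preflight(SAMPLE))
```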

Next, select Add Files and choose the SBOM file (.json or .xml) you want to import.

📘

Tip

Bulk import is supported: select as many files as desired.

Add a unique name and the applicable semantic version number.

🚧

Note

Providing an existing SBOM project name will add the SBOM as the latest revision to the existing SBOM project.

Once the file has been uploaded and analyzed, your SBOM will appear in your Projects list.

Project List

📘

Tip

Note that all SBOM projects are marked with the SBOM icon next to them.