The Software Bill of Materials object describes characteristics of a generated SBOM.
Attributes
Section titled “Attributes”package
- Type:
package - Requirement: required
The device software that is being discovered by an inventory process.
software_components
- Type:
software_component - Requirement: required
The list of software components used in the software package.
created_time
- Type:
timestamp_t - Requirement: recommended
The time when the SBOM was created.
product
- Type:
product - Requirement: recommended
The product that generated the SBOM e.g. cdxgen or Syft.
created_time_dt
- Type:
datetime_t - Requirement: optional
The time when the SBOM was created.