Application Versions
Manage access to the application and view the SBOMs imported for the application. A separate SBOM is saved for each version of your application.
Import new SBOM versions for your application
View a summary of risk for each version of your application
Selecting a version of your SBOM opens the Bill of Material view
Import SBOMs
Import SBOMs manually by selecting the Import SBOMs button or automatically using the REST API.
After selecting Import SBOM, select the Choose File button and navigate to the SBOM file.
Valid SBOMs are analyzed and the version ID is extracted from the file.
Select the Finish Import button to start the analysis.
The SBOM will take a few minutes before showing up on the display.
Once the analysis has finished, select the version to open the bill of material view.
Supported schema versions for importing
This table lists the supported versions for importing SBOMs.
Format | Schema Versions |
---|---|
CycloneDX (XML) | 1.1, 1.2, 1.3, 1.4, 1.5, 1.6 |
CycloneDX (JSON) | 1.4, 1.5, 1.6 |
SPDX (XML, JSON) | 2.3 |
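A pre-import check built from the table above, as an added example that is not part of the product or its documentation: it reads the format, encoding and schema version from a file's contents and tests them against the supported list. The function names and sample documents are constructed for illustration, and locating the SPDX XML version in an spdxVersion element is an assumption.

```python
import json
import xml.etree.ElementTree as ET

# Supported import versions, copied from the table above.
SUPPORTED = {
    ("CycloneDX", "XML"): {"1.1", "1.2", "1.3", "1.4", "1.5", "1.6"},
    ("CycloneDX", "JSON"): {"1.4", "1.5", "1.6"},
    ("SPDX", "XML"): {"2.3"},
    ("SPDX", "JSON"): {"2.3"},
}
CDX_NS = "http://cyclonedx.org/schema/bom/"  # CycloneDX XML namespace prefix


def identify(text):
    """Return (format, encoding, schema_version) or raise ValueError."""
    text = text.lstrip("\ufeff \t\r\n")
    if text.startswith("{"):
        doc = json.loads(text)
        if doc.get("bomFormat") == "CycloneDX":
            return "CycloneDX", "JSON", str(doc.get("specVersion"))
        spdx = str(doc.get("spdxVersion", ""))
        if spdx.startswith("SPDX-"):
            return "SPDX", "JSON", spdx[len("SPDX-"):]
        raise ValueError("JSON is neither CycloneDX nor SPDX")
    # An SBOM needs no DTD; refuse one before the XML parser sees it.
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        raise ValueError("DTD declarations are refused before parsing")
    root = ET.fromstring(text)
    if root.tag.startswith("{" + CDX_NS) and root.tag.endswith("}bom"):
        return "CycloneDX", "XML", root.tag[len(CDX_NS) + 1:-len("}bom")]
    for el in root.iter():  # assumption: SPDX XML carries an spdxVersion element
        name, value = el.tag.rsplit("}", 1)[-1], (el.text or "").strip()
        if name == "spdxVersion" and value.startswith("SPDX-"):
            return "SPDX", "XML", value[len("SPDX-"):]
    raise ValueError("XML is neither CycloneDX nor SPDX")


def check_import(text):
    """Return (ok, message) for the contents of a candidate SBOM file."""
    try:
        fmt, enc, ver = identify(text)
    except (ValueError, ET.ParseError) as exc:
        return False, f"rejected: {exc}"
    ok = ver in SUPPORTED[(fmt, enc)]
    return ok, f"{fmt} ({enc}) {ver}: {'supported' if ok else 'not in the supported table'}"


# Constructed samples, not real SBOMs: the same schema version in two encodings.
CDX_JSON_13 = '{"bomFormat": "CycloneDX", "specVersion": "1.3", "version": 1}'
CDX_XML_13 = '<bom xmlns="http://cyclonedx.org/schema/bom/1.3" version="1"/>'
```

Schema version 1.3 passes as CycloneDX XML and fails as CycloneDX JSON, which is the distinction the table draws between the two encodings.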
Converting between SPDX and CycloneDX formats
The SPDX and CycloneDX formats are the most popular software bill of materials options. These standards were developed for different use cases, and the information they hold may not align completely. Converting between SPDX and CycloneDX formats may result in the loss of data.
Review our blog post to learn more about comparing and converting between SBOM formats, and see the CycloneDX documentation for a high-level overview of the information lost during conversion.