SBOM Manager Release Notes
SBOM Manager Cloud and SaaS deployments are automatically updated to the latest release on a regular maintenance cadence. Self-hosted deployments should reference the IQ Server deployment instructions and system requirements.
SBOM Manager requires using the PostgreSQL database for self-hosted deployments.
Release 184 (November 2024)
Software Bill of Materials that failed validation have a warning message indicating the failure
An optional argument is added to the SBOM Import API to set the version ID on the upload of SBOMs
SBOM Manager Search includes links to the specific version and vulnerability
Users can now use a new /v2/developer/priorities API endpoint to retrieve a paginated list of priorities for a given scan/evaluation. You can also export them to CSV format through a new /v2/developer/priorities/export endpoint.
Release 183 (October 2024)
Binary archives may be analyzed using SBOM Manager to generate a Bill of Materials
Exporting PDF reports has been added to the SBOM Bill of Materials
Bill of Material reports now support importing and displaying unknown components from binary archives
Release 182 (September 2024)
SBOM Manager has access to the Sonatype reference policies for reporting and notifications.
Copy VEX annotations from previous versions.
Release 181 (August 2024)
Early improvements to SBOM Manager expanding the supported
new REST API for SBOM Secured Sharing
added support for Cyclone DX 1.6 format
Implemented the product switcher into the UI to support multiple Sonatype solutions
Release 177 (June 2024)
We proudly announce Sonatype SBOM Manager, your first choice in SBOM Management.
Catalog third-party SBOMs
Monitor the dependencies of all versions of your applications that are available to your customers
Powered by Sonatype's Component Intelligence spanning over 14 ecosystems
Communicate the exploitability status of vulnerabilities to your stakeholders using the VEX workflow
Supports the most common SBOM formats:
CycloneDX, SPDX, VEX, JSON, and XML.