Component

A Component represents a unit on which the product version is composed.

The component must include:

  • Name

  • Version

  • Type

And may include:

  • Identifiers

    • Package URL (PURL)

    • Common Platform Enumeration (CPE)

  • Description

  • Copyright

  • Supplier

  • License: A component may include a license string using the SPDX license expression.

  • Group

  • Scope of use

  • Support Level

  • End-of-Support Date

  • Visibility flags: Primary, Internal

  • External Links

Components may depend on or can be dependent on other components to create a component relationship graph.

Interlynk enriches SBOM data with insights from open-source ecosystems. This can bring additional details to components, including:

  • OpenSSF Scorecard

  • Component Health Score

  • Package Insights

  • Version Insights

  • Source Code Insights

Last updated