sbomqs icon indicating copy to clipboard operation
sbomqs copied to clipboard

Published 20 hours ago verified publisher icon interlynk-io

[Scoring] Files Analyzed

Open riteshnoronha opened this issue 2 years ago • 0 comments

A component's metadata in an SBOM is probably more accurate if the generator tool has analyzed the files for the repo. We should consider using this metric for scoring. We know this field exists for SPDX however for cyclonedx we are still re-searching how this is encoded.

@surendrapathak

riteshnoronha avatar Feb 21 '23 23:02 riteshnoronha