Data Relationships
The following traces the relationship of SBOM parts to Flexera’s internal SBOM Data Library.
|
•
|
The SBOM Data Library is indexed and made available to both SBOM Management and end users. The indexed data includes the component, license, and vulnerability data along with all the relationships between these entities. This data is read-only and globally available across all Flexera One Organizations using SBOM Management. |
|
•
|
Catalog items are an abstraction of unique combinations of a component version, selected licenses, and associated security vulnerabilities. Catalog items are collected in the SBOM Catalog and shared across multiple SBOM parts. |
|
•
|
SBOM parts represent specific instances of catalog items within specific buckets. Additional attributes include associated files, third-party notices data, and instance-specific notes. |