CycloneDX / cyclonedx-python

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
https://cyclonedx.org
Apache License 2.0

feat: include component.evidence.identity in the SBOM #829

Open VinodAnandan opened 1 week ago

VinodAnandan commented 1 week ago

Is your feature request related to a problem? Please describe.

Establishing accurate component identity is important in an SBOM, as it enables users to clearly understand how each component's identity was determined and the methods applied in this process.

Describe the solution you'd like

By including components.evidence.identity within the SBOM, we provide transparency on the techniques and data sources used to verify component identity, enhancing both the reliability and trustworthiness of the SBOM.

https://cyclonedx.org/docs/1.6/json/#components_items_evidence_identity
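An added example, not part of the issue and not cyclonedx-python code: how an SBOM consumer could use `evidence.identity` once it is present, flagging components whose identity has no evidence or only weak evidence. The sample BOM is constructed for illustration, the 0.5 threshold and the function names are assumptions, and only top-level components are checked.

```python
import json

# Constructed CycloneDX 1.6 fragment for illustration (not cyclonedx-python output).
SAMPLE_BOM = json.loads("""
{
  "bomFormat": "CycloneDX", "specVersion": "1.6",
  "components": [
    {"type": "library", "name": "requests", "version": "2.32.3",
     "purl": "pkg:pypi/requests@2.32.3",
     "evidence": {"identity": [
       {"field": "purl", "confidence": 0.9,
        "concludedValue": "pkg:pypi/requests@2.32.3",
        "methods": [{"technique": "manifest-analysis", "confidence": 0.9,
                     "value": "site-packages/requests-2.32.3.dist-info/METADATA"}]}]}},
    {"type": "library", "name": "vendored_thing", "version": "0.1",
     "evidence": {"identity": {"field": "name", "confidence": 0.3,
        "methods": [{"technique": "filename", "confidence": 0.3,
                     "value": "vendor/vendored_thing.py"}]}}},
    {"type": "library", "name": "mystery", "version": "1.0"}
  ]
}
""")

def identity_evidence(component):
    """Return identity evidence as a list (accepts an array or a single object)."""
    ident = (component.get("evidence") or {}).get("identity")
    if ident is None:
        return []
    return ident if isinstance(ident, list) else [ident]

def review_identities(bom, min_confidence=0.5):
    """Map component name -> finding on how well its identity is evidenced."""
    findings = {}
    for comp in bom.get("components", []):
        entries = identity_evidence(comp)
        if not entries:
            findings[comp["name"]] = "no-evidence"
            continue
        # Judge the component by its strongest identity claim.
        best = max(entries, key=lambda e: e.get("confidence", 0.0))
        techniques = sorted({m["technique"] for e in entries for m in e.get("methods", [])})
        status = "ok" if best.get("confidence", 0.0) >= min_confidence else "low-confidence"
        findings[comp["name"]] = f"{status}:{best.get('field', '?')}:{','.join(techniques)}"
    return findings

if __name__ == "__main__":
    for name, finding in review_identities(SAMPLE_BOM).items():
        print(f"{name}: {finding}")
```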

jkowalleck commented 1 week ago

depends on https://github.com/CycloneDX/cyclonedx-python-lib/issues/737