When importing an SBOM that defines a CPE and/or PURL for the metadata.component, these fields are not populated for the project created.
Other properties of the metadata.component have been fixed in the past, see e.g. https://github.com/DependencyTrack/dependency-track/pull/3179
Steps to Reproduce
Import an SBOM with a metadata.component.cpe entry
Review the project information - it's missing the data for the CPE field.
Expected Behavior
Imported project also populates CPE and PURL fields if present in the metadata.component.cpe/purl
Current Behavior
When importing an SBOM that defines a CPE and/or PURL for the metadata.component, these fields are not populated for the project created. Other properties of the metadata.component have been fixed in the past, see e.g. https://github.com/DependencyTrack/dependency-track/pull/3179
Steps to Reproduce
Expected Behavior
Imported project also populates CPE and PURL fields if present in the metadata.component.cpe/purl
Dependency-Track Version
4.10.0
Dependency-Track Distribution
Container Image
Database Server
PostgreSQL
Database Server Version
No response
Browser
Google Chrome
Checklist