This chapter explains the definitions and concepts used by SBOM Central. Some are common software development concepts, some have an SBOM Central flavor, and others are specific to SBOM Central.

| Name | Topic | Description |
|---|---|---|
| Active user | WebApp | A user belonging to a team is automatically set to Active. |
| Approved | License | A license can be approved per software component/version. |
| Artifacts | WebApp | An artifact is an instance of a component. |
| Artifact status tags | Component | The update/version status for individual artifacts. |
| Component | Component | A component is a collection of files in a repository, or a collection of other components. |
| CVE | Security | Common Vulnerabilities and Exposures |
| CVSS | Security | Common Vulnerability Scoring System |
| CWE | Security | Common Weakness Enumeration |
| Dependency component | Component | Also called an External component. The dependency/external component is represented with a cloud icon. |
| Diff | License | A comparison between the license text and the template text. |
| Exploit | Security | An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in an application or a system to cause unintended or unanticipated behavior to occur. |
| Favorites | WebApp | Favorite pages selected in the user interface. |
| History | WebApp | List of events registered in the WebApp. |
| Index page | WebApp | Webpage containing a list of pages associated with a topic. |
| License | License | A software license is a contract between the entity that created/supplied an application, source code, etc., and its end-user. A license has a Name, a Type, and an identifying Text. |
| License approval | License | License management: Evaluation and approval for use. |
| License name | License | A common name of the license |
| License source | License | The source of the license information |
| License template text | License | The standard license text for a license type. |
| License type | License | A license type is a software license shared by multiple software components. |
| WebApp | WebApp | The SBOM Central web application is the core part, containing business logic, user interface, data storage, and communications. |
| Modes of operation | WebApp | MAIA can operate in Normal or Maintenance mode. |
| Multitenant | WebApp | A single instance of the application serves multiple tenants with a common app, but data and configurations are separated (individual databases). |
| Notifications | WebApp | A list of real-time notifications to be registered and confirmed. |
| Outdated | WebApp | A Delivery report becomes outdated if data related to the report is modified without any changes in the executable code. |
| Permissions | Security | A user's permissions decide the functionality currently provided to that user. |
| Permissiveness | License | A description of how permissive the license is. |
| Recommendation | License | General guidance can be set per license type: Approve/Internal use only/Deny. |
| SBOM | Dependencies | Software Bill-of-Materials. SBOM Central supports the OWASP CycloneDX standard. |
| SemVer | WebApp | Artifact versioning system acknowledged by MAIA (see SemVer). |
| Show page | WebApp | Webpage containing details about a topic. |
| Single component | Component | A component containing a collection of files in a repository. The single component is represented with a cube icon. |
| SPDX | License | A standard identifier for the license type (see SPDX). |
| Tags | WebApp | |
| Teams | WebApp | A user belongs to at least one team. |
| Token | Security | An access token contains the security credentials for a login session and identifies the user, the user's groups, a particular application, etc. |
| Top component | Component | |
| Versioning | WebApp | SemVer is the artifact versioning system acknowledged by MAIA (see SemVer). |