An SBOM refers to a software library, application, firmware etc. When such an artifact is registered, it is assigned a Product identity, which would be the combination of group (vendor) and name.
Example: An SBOM representing the application com.t2data/epss_cloud@1.3.4 gets the product identity com.t2data/epss_cloud. If the product exists, the artifact will be assigned to it. If not, a new product is created.
When opening the product show page, a table presents all artifacts and versions registered by the system.
For SBOMs, the history is also controlled by the collection of Tags.
To have a reference to a previous version of any software, both identity and tag collection must correspond.