Skip to content

Commit ceb4826

Browse files
rudsbergrudsberg
committed
[GR-63227] Update SBOM BuildOutput.md, describe unassociated types
PullRequest: graal/20386
2 parents f99b2be + b03b5bb commit ceb4826

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

docs/reference-manual/native-image/BuildOutput.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -269,6 +269,10 @@ When embedded, the SBOM size is displayed.
269269
The number of components is always displayed.
270270
The SBOM feature can be disabled with `--enable-sbom=false`.
271271

272+
Unassociated types are displayed when certain types (such as classes, interfaces, or annotations) cannot be linked to an SBOM component.
273+
If these types contain vulnerabilities, SBOM scanning will not detect them.
274+
To fix this, ensure that proper GAV coordinates (Group ID, Artifact ID, and Version) are defined in the project POM's properties or in _MANIFEST.MF_ using standard formats.
275+
272276
For more information, see [Software Bill of Materials](../../security/native-image.md).
273277

274278
#### <a name="glossary-backwards-edge-cfi"></a>Backwards-Edge Control-Flow Integrity (CFI)

0 commit comments

Comments
 (0)