SBOM Play - Settings

Remove Rate Limit by GitHub Authentication (Optional)

Note: GitHub tokens are not saved or persisted. You will need to provide your token each time you use the application.

GitHub Personal Access Token (Optional: Provides higher rate limits)^* Create token here

Storage Management

Export & Import (with Checksum Validation)

Checksum Protection: All exports include SHA-256 checksums to detect tampering. Imports automatically verify checksums before importing data.

Export Options

Import Options

For individual cache exports/imports and advanced storage tools, see Debug Tools.

Cache Management

Global Entity Caches: These caches store package, author, and vulnerability data shared across all analyses. Clearing analysis data does not affect these caches, allowing faster re-analysis without re-fetching from APIs.

Loading cache statistics...

Entity Caches (Global)

Analysis Data (Organization/Repository Specific)

This clears organization/repository analysis data but keeps entity caches intact.

Analysis Settings

Maximum Dependency Depth Maximum depth to traverse when resolving dependency trees (default: 10)

Current Value

10 levels

Parallel Processing Depth Threshold At this depth and below, use parallel processing for faster npm resolution (default: 4). Lower = more parallel, faster but more API load.

Current Value

Parallel at depth 4+

Parallel Batch Size Number of dependencies to resolve in parallel at deeper levels (default: 10)

Current Value

10 concurrent

Author Location Enrichment

During analysis, author location data is fetched via GitHub GraphQL API (max ~4,900 authors per run due to rate limits). Authors are prioritised by contribution count. If some were skipped, you can fetch the remaining ones here.

API Settings

API Request Timeout (seconds) Timeout for all API requests in seconds (default: 10)

Current Value

10 seconds

Sanctioned Countries

Compliance Feature: Configure countries sanctioned by your organization. Authors from these countries will be flagged in the Authors page. This helps identify potential compliance risks when authors from sanctioned countries contribute to your dependencies.

Organization Sanctioned Countries Enter ISO 3166-1 alpha-2 country codes separated by commas (e.g., CN, RU, BY). These will be in addition to USA and UN sanctioned countries.

Current Sanctions

Loading sanctions status...

Appearance

Theme Choose your preferred color scheme

Preview

SBOM Play Sample Text

Stored Analyses

Loading stored analyses...

No Data Available

No Stored Analyses Found

You haven't analyzed any organizations yet, or all data has been cleared.

Start Your First Analysis