sbom 1.0.4
sbom: ^1.0.4 copied to clipboard

Published 2 years ago •

darticulate.comDart 3 compatible• Latest: 2.1.0

SDKDart Flutter

PlatformAndroid iOS Linux macOS Windows

outdated

→

Metadata

A Software Bill of Materials generator specifically for Dart packages.

More...

likes

140/ 160

pub points

56%

popularity

We analyzed this package 11 hours ago, and awarded it 140 pub points (of a possible 160):

Follow Dart file conventions

20 / 30

0/10 points: Provide a valid `pubspec.yaml`

Failed to verify repository URL.

Please provide a valid repository URL in pubspec.yaml, such that:

repository can be cloned,
a clone of the repository contains a pubspec.yaml, which:,
- contains name: sbom,
- contains a version property, and,
- does not contain a publish_to property.

Repository has multiple matching pubspec.yaml with name: sbom.

5/5 points: Provide a valid `README.md`

5/5 points: Provide a valid `CHANGELOG.md`

10/10 points: Use an OSI-approved license

Detected license: MIT.

Provide documentation

20 / 20

10/10 points: 20% or more of the public API has dartdoc comments

126 out of 242 API elements (52.1 %) have documentation comments.

Some symbols that are missing documentation: sbom, sbom.SbomConstants.binDir, sbom.SbomConstants.louder, sbom.SbomConstants.pubspecDescription, sbom.SbomConstants.pubspecVersion.

10/10 points: Package has an example

Platform support

20 / 20

20/20 points: Supports 5 of 6 possible platforms (iOS, Android, Web, Windows, macOS, Linux)

✓ Android
✓ iOS
✓ Windows
✓ Linux
✓ macOS

These platforms are not supported:

Package not compatible with platform Web

Because:

package:sbom/sbom.dart that imports:
package:pub_cache/pub_cache.dart that imports:
package:pub_cache/src/impl.dart that imports:
dart:io

0/0 points: WASM compatibility

Package not compatible with runtime wasm

Because:

package:sbom/sbom.dart that imports:
package:pub_cache/pub_cache.dart that imports:
package:pub_cache/src/impl.dart that imports:
dart:io

This package is not compatible with runtime wasm, and will not be rewarded full points in a future version of the scoring model.

See https://dart.dev/web/wasm for details.

Pass static analysis

40 / 50

40/50 points: code has no errors, warnings, lints, or formatting issues

Found 21 issues. Showing the first 2:

INFO: The part-of directive uses a library name.

lib/src/generation/sbom_generator.dart:8:1

  ╷
8 │ part of sbom;
  │ ^^^^^^^^^^^^^
  ╵

To reproduce make sure you are using the lints_core and run dart analyze lib/src/generation/sbom_generator.dart

INFO: The part-of directive uses a library name.

lib/src/generation/sbom_ioutput_generator.dart:8:1

  ╷
8 │ part of sbom;
  │ ^^^^^^^^^^^^^
  ╵

To reproduce make sure you are using the lints_core and run dart analyze lib/src/generation/sbom_ioutput_generator.dart

Support up-to-date dependencies

40 / 40

10/10 points: All of the package dependencies are supported in the latest version

Package	Constraint	Compatible	Latest
`args`	`^2.3.1`	2.6.0	2.6.0
`crypto`	`^3.0.2`	3.0.6	3.0.6
`meta`	`^1.8.0`	1.16.0	1.16.0
`path`	`^1.8.2`	1.9.1	1.9.1
`pub_cache`	`^0.3.1`	0.3.2	0.3.2
`yaml`	`^3.1.1`	3.1.2	3.1.2