sbom 1.0.4 
sbom: ^1.0.4 copied to clipboard
darticulate.comA Software Bill of Materials generator specifically for Dart packages.
We analyzed this package 3 days ago, and awarded it 130 pub points (of a possible 160):
0/10 points: Provide a valid pubspec.yaml
Failed to verify repository URL.
Repository has multiple matching pubspec.yaml with name: sbom.
Please provide a valid repository URL in pubspec.yaml, such that:
repositorycan be cloned,- a clone of the repository contains a
pubspec.yaml, which:,- contains
name: sbom, - contains a
versionproperty, and, - does not contain a
publish_toproperty.
- contains
5/5 points: Provide a valid README.md
5/5 points: Provide a valid CHANGELOG.md
10/10 points: Use an OSI-approved license
Detected license: MIT.
10/10 points: 20% or more of the public API has dartdoc comments
126 out of 254 API elements (49.6 %) have documentation comments.
Some symbols that are missing documentation: sbom, sbom.SbomConstants.SbomConstants.new, sbom.SbomConstants.binDir, sbom.SbomConstants.louder, sbom.SbomConstants.pubspecDescription.
10/10 points: Package has an example
20/20 points: Supports 5 of 6 possible platforms (iOS, Android, Web, Windows, macOS, Linux)
-
✓ Android
-
✓ iOS
-
✓ Windows
-
✓ Linux
-
✓ macOS
These platforms are not supported:
Package not compatible with platform Web
Because:
package:sbom/sbom.dartthat imports:package:pub_cache/pub_cache.dartthat imports:package:pub_cache/src/impl.dartthat imports:dart:io
40/50 points: code has no errors, warnings, lints, or formatting issues
Found 29 issues. Showing the first 2:
INFO: The part-of directive uses a library name.
lib/src/generation/sbom_generator.dart:8:1
╷
8 │ part of sbom;
│ ^^^^^^^^^^^^^
╵
To reproduce make sure you are using the lints_core and run dart analyze lib/src/generation/sbom_generator.dart
INFO: The part-of directive uses a library name.
lib/src/generation/sbom_ioutput_generator.dart:8:1
╷
8 │ part of sbom;
│ ^^^^^^^^^^^^^
╵
To reproduce make sure you are using the lints_core and run dart analyze lib/src/generation/sbom_ioutput_generator.dart
0/10 points: All of the package dependencies are supported in the latest version
| Package | Constraint | Compatible | Latest | Notes |
|---|---|---|---|---|
args |
^2.3.1 |
2.7.0 | 2.7.0 | |
crypto |
^3.0.2 |
3.0.7 | 3.0.7 | |
meta |
^1.8.0 |
1.17.0 | 1.17.0 | |
path |
^1.8.2 |
1.9.1 | 1.9.1 | |
pub_cache |
^0.3.1 |
0.3.2 | 0.3.2 | Discontinued |
yaml |
^3.1.1 |
3.1.3 | 3.1.3 |
Transitive dependencies
| Package | Constraint | Compatible | Latest | Notes |
|---|---|---|---|---|
collection |
- | 1.19.1 | 1.19.1 | |
pub_semver |
- | 2.2.0 | 2.2.0 | |
source_span |
- | 1.10.1 | 1.10.1 | |
string_scanner |
- | 1.4.1 | 1.4.1 | |
term_glyph |
- | 1.2.2 | 1.2.2 | |
typed_data |
- | 1.4.0 | 1.4.0 |
To reproduce run dart pub outdated --no-dev-dependencies --up-to-date --no-dependency-overrides.
The package has one or more discontinued direct dependencies.
Discontinued packages are no longer maintained, and can end up being a
liability.
Consider migrating away from these dependencies:
- pub_cache.
10/10 points: Package supports latest stable Dart and Flutter SDKs
20/20 points: Compatible with dependency constraint lower bounds
pub downgrade does not expose any static analysis error.
Analyzed with Pana 0.23.5, Dart 3.10.7.
Check the analysis log for details.
MIT (
