Known limitations

SBOMFlow is a deterministic, offline-by-default evidence engine. It is honest about its edges on purpose: the measurable limits below are generated from the product's own resource budgets and recognized-input catalog, so this page cannot drift ahead of the code. The rest states plainly what the engine does not do. None of this is softened — a limitation you can read is worth more than a claim you cannot check.

SBOMFlow produces engineering evidence and gap assessments to support CRA-oriented work. It is not a certification, an audit, or legal advice, and it never states or implies conformity. Regulatory conclusions require qualified human judgement that this tool does not provide.

Observed evidence is not a human review

Everything the engine detects is an observation. It never becomes an accepted decision on its own: VEX status, evidence acceptance, release approvals, and waivers come only from human reviewer decision files. A green row means "observed", never "reviewed and cleared".

Resource limits on untrusted input

Inputs may be hostile, so parsing is bounded by secure-by-default budgets. Exceeding one is never a silent truncation — it is stopped and surfaced as a cataloged warning naming the input. The defaults:

LimitDefaultWhat it bounds
Single file read256 MiBThe largest individual file the scanner will read into memory.
Total decompressed size8 GiBThe cumulative uncompressed size an archive may expand to before the read is stopped and warned.
Decompression ratio200:1The uncompressed-to-compressed ratio that trips a decompression-bomb guard.
Archive members / records5,000,000The number of members or records processed from a single container before the input is capped.
Structure nesting depth200The maximum nesting depth parsed from untrusted JSON or structured input.
Single field / string8 MiBThe largest single string or field value read from a structured input.

Input coverage is finite and stated

A default scan parses 29 input types (each with a regression corpus — "supported" means corpus-tested, not a guarantee for every real variant of a format) and recognizes 15 more that it hashes and flags with a warning but does not parse yet — recognized inputs are never silently ignored. Anything outside this set is not treated as inventory. The exact, generated matrix is on the supported inputs page.

It does not execute, sandbox, or scan for malware

All parsing is read-only and static. Binaries are never executed, and SBOMFlow is not an antivirus, a sandbox, or a dynamic analyzer. It records what an input declares or hashes to — not what it does at runtime.

It does not guess component identity

A component is identified from its declared coordinates or its content hash. SBOMFlow performs no fuzzy or name-based matching: an unmatched binary blob is hashed and recorded honestly as content-identified, never guessed against a registry. A scanned "version" that is actually a range or constraint is kept verbatim and neutralized — never invented into a concrete version — and the ambiguity is warned.

Freshness and determinism are scoped

Baseline operation is offline: network vulnerability sources are opt-in and only as current as the snapshot you supply, so an offline run reflects the pinned data, not live advisories. Byte-for-byte reproducibility holds for the same inputs under a pinned --as-of timestamp; it is not a claim about results across different data snapshots.