TL;DR
Upload your component SBOMs first, then create a product release that points to specific SBOMs. Each SBOM can have its own version and be shared across multiple releases.
Walkthrough
Creating a product release
A product release in sbomify ties together one or more component SBOMs under a single version tag. This is how you represent a shipped version of your software.
Prerequisites
Before creating a release, you need:
- A product set up in sbomify (see How do products work?)
- One or more components with uploaded SBOMs
Steps
- Navigate to your Product
- Click Create Release
- Enter the release version (e.g.
v2.1.0) - Select which SBOMs to include in this release
- Click Save
How versioning works
Component SBOMs and product releases are versioned independently. For example, your product v2.1.0 might include a backend component at v1.8.3 and a frontend at v3.0.1. The same component SBOM can also be shared across multiple product releases - if two products ship the same library version, there’s no need to upload it twice.