SCANOSS Workbench v1.19.0 Released

We’ve just rolled out SCANOSS Workbench v1.19.0, packed with new import options, stronger SBOM exports, and fixes that make it even easier to work with real-world scan results.

What’s New in SCANOSS Workbench v1.19.0

• RAW results import – load result files directly (JSON) and build projects from existing scans. This also works as a viewer mode, letting you inspect scan results without running a new scan.

• Project import with source inclusion – bring in whole projects with their source code; This enables side-by-side comparison of your code against matched open source components for faster review and verification.

• Improved SBOM exports

  • New CycloneDX submenu options with vulnerability inclusion/exclusion.

  • Standardised vulnerability severity in CycloneDX output.

  • Added SPDX Lite export alongside existing formats.

• SCANOSS result validator – validate scan results before processing.

• UI and workflow fixes – reorganised project import options, improved error handling, fixed duplicate file issues in rescans, and standardised project settings behaviour.

Why It Matters

This release focuses on developer control and accuracy:

• Start from any scan result file and reconstruct a complete project view.

• Keep vulnerabilities and cryptographic findings visible even when working with imported results.

• Generate SBOMs in multiple formats (CycloneDX, SPDX Lite, CSV, HTML) with vulnerability data.

• Enable smoother imports, and clearer workflows in everyday use.

With v1.19.0, SCANOSS Workbench gives developers a more flexible and standards-aligned way to analyse, refine, and export SBOMs.

Download v1.19.0 here: