11 results found Sort:

aboutcode-org
scancode-toolkit aboutcode-org
560
2.2k
unknown
71
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...
sca purl sbom spdx license packages copyright cyclonedx licensing provenance package-url dependencies license-scan spdx-licenses copyright-scan oss-compliance dependency-graph license-checking open-source-licensing software-composition-analysis
Created 2015-07-01
11,326 commits to develop branch, last one 16 days ago
oss-review-toolkit
ort oss-review-toolkit
314
1.6k
apache-2.0
40
A suite of tools to automate software compliance checks.
cra sca dora ospo sbom spdx license copyright cyclonedx compliance dependencies hacktoberfest oss-compliance sbom-generator package-manager dependency-graph license-management open-source-licensing
Created 2017-10-19
16,975 commits to main branch, last one 14 hours ago
tern-tools
tern tern-tools
188
968
bsd-2-clause
32
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...
sbom spdx tool docker python compliance containers open-source dependencies oss-compliance risk-management metadata-extraction supply-chain-security software-composition-analysis
Created 2017-11-27
1,102 commits to main branch, last one about a year ago
chainloop-dev
chainloop chainloop-dev
30
378
apache-2.0
11
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
ospo sbom slsa spdx in-toto license security cyclonedx devsecops compliance attestation oss-compliance sbom-discovery slsa-provenance metadata-platform sbom-distribution regulated-industry open-source-licensing supply-chain-security
Created 2023-03-06
1,141 commits to main branch, last one a day ago
bureado
awesome-software-supply-chain-security bureado
27
297
unknown
25
A compilation of resources in the software supply chain security domain, with emphasis on open source
sbom devsecops attestation awesome-list cve-scanning dependencies oss-compliance static-analysis package-management reproducible-builds supply-chain-attacks dependency-management software-supply-chain supply-chain-security security-vulnerability vulnerability-scanning vulnerability-management software-composition-analysis software-supply-chain-security
Created 2022-02-20
447 commits to main branch, last one about a year ago
aboutcode-org
scancode-workbench aboutcode-org
72
158
apache-2.0
21
:bar_chart: ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.
scancode oss-compliance scancode-workbench software-licensing
Created 2016-10-13
998 commits to develop branch, last one 4 months ago
Open-Source-Compliance
Sharing-creates-value Open-Source-Compliance
36
83
cc0-1.0
43
This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles
oss oss-compliance
Created 2015-12-01
485 commits to master branch, last one 26 days ago
rmkanda
tools rmkanda
16
62
apache-2.0
4
Curated list of security tools
osc oss dast list sast cloud tools scanner security devsecops kubernetes oss-compliance security-tools
Created 2020-10-17
5 commits to main branch, last one about a year ago
opossum-tool
OpossumUI opossum-tool
27
60
apache-2.0
2
A light-weight app to audit and inventory large codebases for open source license compliance.
spdx codescan remediation license-scan copyright-scan oss-compliance package-dependency software-bill-of-materials software-composition-analysis
Created 2021-09-21
5,248 commits to main branch, last one 14 hours ago
CodeScoring
awesome-open-source-licensing CodeScoring
4
59
cc-by-sa-4.0
6
Cool links, tools & papers related to Open Source Licensing
awesome license licensing awesome-list license-scan oss-compliance license-management software-licensing open-source-licensing
Created 2021-11-25
13 commits to main branch, last one 2 years ago
Open-Source-Compliance
package-analysis Open-Source-Compliance
21
38
other
8
This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant artifacts, which might be of value for others
oss-compliance license-analysis copyright-analysis license-compliance oss-package-analysis
Created 2022-03-02
3,616 commits to main branch, last one 14 hours ago