Search Results - RepositoryStats

534

2.0k

unknown

73

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...

Created 2015-07-01

11,149 commits to develop branch, last one a day ago

ort oss-review-toolkit

298

1.5k

apache-2.0

41

A suite of tools to automate software compliance checks.

Created 2017-10-19

15,701 commits to main branch, last one a day ago

tern tern-tools

187

948

bsd-2-clause

31

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...

sbom spdx tool docker python compliance containers open-source dependencies oss-compliance risk-management metadata-extraction supply-chain-security software-composition-analysis

Created 2017-11-27

1,102 commits to main branch, last one 6 months ago

chainloop chainloop-dev

25

330

apache-2.0

9

Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.

ospo sbom slsa spdx in-toto license security cyclonedx devsecops compliance attestation oss-compliance sbom-discovery slsa-provenance metadata-platform sbom-distribution regulated-industry open-source-licensing supply-chain-security

Created 2023-03-06

673 commits to main branch, last one a day ago

awesome-software-supply-chain-security bureado

25

260

unknown

26

A compilation of resources in the software supply chain security domain, with emphasis on open source

sbom devsecops attestation awesome-list cve-scanning dependencies oss-compliance static-analysis package-management reproducible-builds supply-chain-attacks dependency-management software-supply-chain supply-chain-security security-vulnerability vulnerability-scanning vulnerability-management software-composition-analysis software-supply-chain-security

Created 2022-02-20

447 commits to main branch, last one about a year ago

scancode-workbench nexB

69

145

apache-2.0

22

:bar_chart: ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.

scancode oss-compliance scancode-workbench software-licensing

Created 2016-10-13

997 commits to develop branch, last one 3 months ago

Sharing-creates-value Open-Source-Compliance

35

81

cc0-1.0

43

This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles

oss oss-compliance

Created 2015-12-01

473 commits to master branch, last one 3 months ago

OpossumUI opossum-tool

25

56

apache-2.0

2

A light-weight app to audit and inventory large codebases for open source license compliance.

spdx codescan remediation license-scan copyright-scan oss-compliance package-dependency software-bill-of-materials software-composition-analysis

Created 2021-09-21

4,797 commits to main branch, last one 2 days ago

tools rmkanda

13

54

apache-2.0

4

Curated list of security tools

osc oss dast list sast cloud tools scanner security devsecops kubernetes oss-compliance security-tools

Created 2020-10-17

5 commits to main branch, last one about a year ago

awesome-open-source-licensing CodeScoring

4

52

cc-by-sa-4.0

6

Cool links, tools & papers related to Open Source Licensing

awesome license licensing awesome-list license-scan oss-compliance license-management software-licensing open-source-licensing

Created 2021-11-25

13 commits to main branch, last one 2 years ago

package-analysis Open-Source-Compliance

18

34

other

7

This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant artifacts, which might be of value for others

oss-compliance license-analysis copyright-analysis license-compliance oss-package-analysis

Created 2022-03-02

2,622 commits to main branch, last one a day ago