Search Results - RepositoryStats

syft anchore

587

6.4k

apache-2.0

59

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

go oci sbom spdx tool docker golang cyclonedx containers hacktoberfest static-analysis

Created 2020-05-07

2,523 commits to main branch, last one 2 days ago

scancode-toolkit aboutcode-org

560

2.2k

unknown

71

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...

Created 2015-07-01

11,326 commits to develop branch, last one 16 days ago

ort oss-review-toolkit

314

1.6k

apache-2.0

40

A suite of tools to automate software compliance checks.

cra sca dora ospo sbom spdx license copyright cyclonedx compliance dependencies hacktoberfest oss-compliance sbom-generator package-manager dependency-graph license-management open-source-licensing

Created 2017-10-19

16,975 commits to main branch, last one 14 hours ago

OpenSCA-cli XmirrorSecurity

116

1.1k

apache-2.0

154

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

sca sbom spdx swid security cyclonedx devsecops static-analysis vulnerabilities license-compliance software-supply-chain software-bill-of-materials software-composition-analysis software-supply-chain-security

Created 2021-12-30

990 commits to master branch, last one 2 months ago

tern tern-tools

188

968

bsd-2-clause

32

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...

sbom spdx tool docker python compliance containers open-source dependencies oss-compliance risk-management metadata-extraction supply-chain-security software-composition-analysis

Created 2017-11-27

1,102 commits to main branch, last one about a year ago

fossology fossology

426

814

gpl-2.0

63

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and we...

oss spdx license fossology compliance license-scan spdx-licenses compliance-check license-checking license-management compliance-automation

Created 2014-01-13

9,844 commits to master branch, last one a day ago

purl-spec package-url

166

711

other

32

A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

url purl sbom spdx package cyclonedx package-url dependencies package-management

Created 2017-11-11

270 commits to master branch, last one 29 days ago

cargo-about EmbarkStudios

33

558

apache-2.0

5

📜 Cargo plugin to generate list of all licenses for a crate 🦀

rust spdx cargo licensing rust-lang cargo-plugin hacktoberfest license-checking

Created 2019-11-01

203 commits to main branch, last one 19 days ago

bomber devops-kung-fu

45

533

mpl-2.0

10

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

oss epss sbom spdx syft golang gomodule security cyclonedx devsecops supplychain supply-chain security-tools security-automation vulnerability-scanners

Created 2022-07-08

90 commits to main branch, last one about a month ago

license-list-data spdx

148

513

unknown

38

Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON

json rdfa spdx licenses licensing html-format

Created 2016-04-15

688 commits to main branch, last one a day ago

meta-package-manager kdeldycke

33

477

gpl-2.0

13

🎁 wraps all package managers with a unifying CLI

Created 2016-08-17

4,333 commits to main branch, last one 15 days ago

reuse-tool fsfe

151

418

unknown

18

reuse is a tool for compliance with the REUSE recommendations.

fsfe sbom spdx reuse linter python analyzer copyright licensing free-software

Created 2019-04-12

2,548 commits to main branch, last one 27 days ago

chainloop chainloop-dev

30

378

apache-2.0

11

Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.

ospo sbom slsa spdx in-toto license security cyclonedx devsecops compliance attestation oss-compliance sbom-discovery slsa-provenance metadata-platform sbom-distribution regulated-industry open-source-licensing supply-chain-security

Created 2023-03-06

1,141 commits to main branch, last one a day ago

specification CycloneDX

61

372

apache-2.0

26

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and V...

Created 2017-05-29

1,042 commits to master branch, last one 9 days ago

bom kubernetes-sigs

50

356

apache-2.0

11

A utility to generate SPDX-compliant Bill of Materials manifests

go bom sbom spdx golang kubernetes

Created 2021-11-19

1,146 commits to main branch, last one a day ago

cyclonedx-cli CycloneDX

64

320

apache-2.0

15

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

bom vex mbom obom purl sbom spdx owasp saasbom cyclonedx package-url hacktoberfest sbom-generator bill-of-materials software-bill-of-materials

Created 2020-10-22

416 commits to main branch, last one 28 days ago

cyclonedx-maven-plugin CycloneDX

86

302

apache-2.0

13

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

bom vex mbom obom purl sbom spdx maven owasp saasbom cyclonedx package-url maven-plugin sbom-generator bill-of-materials software-bill-of-materials

Created 2017-06-04

759 commits to master branch, last one 23 days ago

spdx-spec spdx

140

300

other

34

The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.

sbom spdx licenses spdx-sbom specification linux-foundation bill-of-materials software-transparency software-bill-of-materials software-package-data-exchange

Created 2017-05-10

1,013 commits to develop branch, last one 4 days ago

cyclonedx-python CycloneDX

69

259

apache-2.0

13

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

bom pip purl sbom spdx conda owasp poetry python python3 cyclonedx sbom-tool environment package-url requirements hacktoberfest sbom-generator bill-of-materials software-bill-of-materials

Created 2018-11-15

678 commits to main branch, last one 7 days ago

go-license-detector src-d

39

236

other

11

Reliable project licenses detector.

spdx license-scan spdx-license spdx-licenses license-management

Created 2018-01-30

169 commits to master branch, last one 4 years ago

tools-python spdx

135

195

apache-2.0

25

A Python library to parse, validate and create SPDX documents.

rdf spdx python parsing licensing

Created 2015-03-23

1,387 commits to main branch, last one 2 months ago

licensor raftario

12

195

mit

7

write licenses to stdout

cli spdx license licensing

Created 2019-09-19

98 commits to master branch, last one about a year ago

cyclonedx-dotnet CycloneDX

90

193

apache-2.0

13

Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

bom vex mbom obom purl sbom spdx owasp dotnet saasbom cyclonedx dotnet-core package-url hacktoberfest sbom-generator bill-of-materials software-bill-of-materials

Created 2018-10-02

947 commits to master branch, last one 14 days ago

sbomqs interlynk-io

20

191

apache-2.0

7

SBOM quality score - Quality metrics for your sboms

go sbom spdx golang cyclonedx sbom-tool sbom-score sbom-quality sbom-samples sbom-examples security-tools devsecops-pipeline supply-chain-security

Created 2023-01-31

570 commits to main branch, last one 8 days ago

cyclonedx-gradle-plugin CycloneDX

78

164

apache-2.0

11

Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects

bom purl sbom spdx owasp gradle cyclonedx package-url gradle-plugin sbom-generator bill-of-materials software-bill-of-materials

Created 2018-05-30

642 commits to master branch, last one 2 days ago

tools spdx

70

132

apache-2.0

18

SPDX Tools

spdx license-management

Created 2015-03-23

1,015 commits to master branch, last one 2 years ago

lc boyter

17

126

agpl-3.0

8

licensechecker (lc) a command line application which scans directories and identifies what software license things are under producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Du...

go cli spdx golang license classifier commandline licensechecker command-line-tool license-management open-source-licensing

Created 2018-01-22

395 commits to master branch, last one 6 months ago

scancode.io aboutcode-org

91

121

apache-2.0

14

ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...

sca purl spdx docker license scancode cyclonedx open-source package-url foss-compliance virtual-machine vulnerabilities software-composition-analysis

Created 2020-09-10

1,063 commits to main branch, last one 3 days ago

cyclonedx-rust-cargo CycloneDX

45

111

apache-2.0

10

Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

bom vex mbom obom purl rust sbom spdx cargo owasp saasbom cyclonedx package-url cargo-plugin sbom-generator bill-of-materials software-bill-of-materials

Created 2019-05-21

1,205 commits to main branch, last one 8 days ago

sbom-utility CycloneDX

14

98

apache-2.0

6

Utility that provides an API platform for validating, querying and managing BOM data

bom vdr vex mbom obom purl sbom spdx owasp saasbom cyclonedx sbom-tool spdx-sbom package-url sbom-quality spdx-license hacktoberfest bill-of-materials software-bill-of-materials

Created 2023-01-10

291 commits to main branch, last one about a month ago