CLI tool and library for generating a Software Bill of Materials from container images and filesystems
-
Updated
Aug 23, 2022 - Go
#
spdx
Here are 111 public repositories matching this topic...
licensing
packages
open-source-licensing
provenance
dependencies
license
spdx
spdx-license
copyright
sca
spdx-licenses
license-checking
license-scan
copyright-scan
software-composition-analysis
oss-compliance
purl
package-url
sbom
-
Updated
Aug 23, 2022 - Python
A suite of tools to assist with reviewing Open Source Software dependencies.
package-manager
open-source-licensing
foss
dependency-graph
provenance
compliance
dependencies
license
spdx
copyright
hacktoberfest
license-management
license-checking
license-scan
package-scan
copyright-scan
open-chain-project
oss-compliance
sbom
sbom-generator
-
Updated
Aug 23, 2022 - Kotlin
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
python
docker
open-source
tool
containers
compliance
dependencies
spdx
metadata-extraction
risk-management
software-composition-analysis
oss-compliance
sbom
supply-chain-security
-
Updated
Jul 26, 2022 - Python
FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.
oss
compliance
license
spdx
license-management
fossology
spdx-licenses
license-checking
license-scan
compliance-check
compliance-automation
-
Updated
Aug 22, 2022 - PHP
-
Updated
May 12, 2022 - Rust
Reliable project licenses detector.
-
Updated
May 31, 2020 - Go
The SPDX specification in MarkDown and HTML formats.
-
Updated
Aug 15, 2022 - HTML
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
component
supply-chain
owasp
specification
standard
bom
software
vex
license
spdx
cpe
software-security
swid
bill-of-materials
software-bill-of-materials
sbom
cyclonedx
obom
mbom
saasbom
-
Updated
Aug 13, 2022 - XSLT
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
maven
owasp
maven-plugin
bom
vex
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
cyclonedx
sbom-generator
obom
mbom
saasbom
-
Updated
Aug 15, 2022 - Java
licensechecker (lc) a command line application which scans directories and identifies what software license things are under producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Dual-licensed under MIT or the UNLICENSE.
go
cli
golang
commandline
classifier
open-source-licensing
command-line-tool
license
spdx
license-management
licensechecker
-
Updated
Aug 4, 2022 - Go
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
owasp
bom
vex
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
cyclonedx
sbom-generator
obom
mbom
saasbom
-
Updated
Aug 12, 2022 - C#
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
python
owasp
python3
pip
bom
vex
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
cyclonedx
sbom-generator
obom
mbom
saasbom
-
Updated
Aug 24, 2022 - Python
nodejs
stylelint
gulp
sass
less
babel
typescript
jasmine
mocha
eslint
jest
tslint
reactjs
handlebars
stylus
jsdom
build-tool
spdx
rollupjs
istambul
-
Updated
Jul 20, 2022 - HTML
Creates CycloneDX Software Bill of Materials (SBOM) from Node.js projects
nodejs
npm
node
owasp
bom
vex
node-module
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
cyclonedx
sbom-generator
obom
mbom
-
Updated
Aug 20, 2022 - JavaScript
Improve this page
Add a description, image, and links to the spdx topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the spdx topic, visit your repo's landing page and select "manage topics."