#

spdx

Here are 138 public repositories matching this topic...

syft

anchore / syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

go docker golang tool containers static-analysis oci spdx hacktoberfest sbom cyclonedx

Updated Apr 3, 2023
Go

nexB / scancode-toolkit

🔎 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

Updated Apr 3, 2023
Python

ort

oss-review-toolkit / ort

A suite of tools to assist with reviewing Open Source Software dependencies.

Updated Apr 3, 2023
Kotlin

tern-tools / tern

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

python docker open-source tool containers compliance dependencies spdx metadata-extraction risk-management software-composition-analysis oss-compliance sbom supply-chain-security

Updated Mar 23, 2023
Python

fossology / fossology

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.

oss compliance license spdx license-management fossology spdx-licenses license-checking license-scan compliance-check compliance-automation

Updated Apr 2, 2023
PHP

package-url / purl-spec

A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

url package dependencies spdx package-management purl package-url sbom cyclonedx

Updated Apr 1, 2023

spdx / license-list-data

Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON

licensing json rdfa html-format spdx licenses

Updated Mar 23, 2023
HTML

EmbarkStudios / cargo-about

📜 Cargo plugin to generate list of all licenses for a crate 🦀

rust licensing rust-lang cargo spdx hacktoberfest license-checking cargo-plugin

Updated Mar 20, 2023
Rust

bomber

devops-kung-fu / bomber

Sponsor

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

golang security oss supply-chain spdx vulnerability-scanners security-automation security-tools devsecops supplychain syft sbom gomodule cyclonedx

Updated Apr 1, 2023
Go

fsfe / reuse-tool

reuse is a tool for compliance with the REUSE recommendations.

python licensing linter free-software analyzer reuse spdx copyright sbom fsfe

Updated Apr 3, 2023
Python

specification

CycloneDX / specification

CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, OBOM, VDR, and VEX

Updated Apr 3, 2023
XSLT

src-d / go-license-detector

Reliable project licenses detector.

spdx spdx-license license-management spdx-licenses license-scan

Updated May 31, 2020
Go

spdx / spdx-spec

The SPDX specification in MarkDown and HTML formats.

specification spdx licenses linux-foundation software-package-data-exchange

Updated Mar 10, 2023
HTML

bom

kubernetes-sigs / bom

A utility to generate SPDX-compliant Bill of Materials manifests

go kubernetes golang bom spdx sbom

Updated Apr 1, 2023
Go

cyclonedx-maven-plugin

CycloneDX / cyclonedx-maven-plugin

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

maven owasp maven-plugin bom vex spdx bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator obom mbom saasbom

Updated Apr 3, 2023
Java

raftario / licensor

write licenses to stdout

cli licensing license spdx

Updated Jan 30, 2023
Rust

cyclonedx-cli

CycloneDX / cyclonedx-cli

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

owasp bom vex spdx hacktoberfest bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator obom mbom saasbom

Updated Apr 2, 2023
C#

cyclonedx-python

CycloneDX / cyclonedx-python

Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.

python environment poetry conda owasp python3 pip bom spdx requirements bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator

Updated Apr 1, 2023
Python

cyclonedx-dotnet

CycloneDX / cyclonedx-dotnet

Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

dotnet owasp bom dotnet-core vex spdx hacktoberfest bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator obom mbom saasbom

Updated Apr 3, 2023
C#

spdx / tools-python

A Python library to parse, validate and create SPDX documents.

python licensing parsing rdf spdx

Updated Apr 3, 2023
Python

Improve this page

Add a description, image, and links to the spdx topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the spdx topic, visit your repo's landing page and select "manage topics."