Awesome Open Source
Search results for spdx
81 search results found
Syft
⭐
5,116
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Scancode Toolkit
⭐
1,887
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and other generous sponsors!
Ort
⭐
1,405
A suite of tools to automate software compliance checks.
Opensca Cli
⭐
964
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Tern
⭐
909
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Fossology
⭐
712
FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.
Purl Spec
⭐
560
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
License List Data
⭐
447
Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON
Bomber
⭐
406
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Cargo About
⭐
393
📜 Cargo plugin to generate list of all licenses for a crate 🦀
Reuse Tool
⭐
329
reuse is a tool for compliance with the REUSE recommendations.
Specification
⭐
300
CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, ML-BOM, OBOM, MBOM, VDR, and VEX
Bom
⭐
278
A utility to generate SPDX-compliant Bill of Materials manifests
Cyclonedx Maven Plugin
⭐
250
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Spdx Spec
⭐
241
The SPDX specification in MarkDown and HTML formats.
Chainloop
⭐
225
Chainloop is an open source software supply chain control plane, a single source of truth for artifacts plus a declarative attestation crafting process.
Go License Detector
⭐
211
Reliable project licenses detector.
Cyclonedx Cli
⭐
206
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Cyclonedx Python
⭐
181
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Licensor
⭐
164
write licenses to stdout
Cyclonedx Dotnet
⭐
147
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Tools Python
⭐
147
A Python library to parse, validate and create SPDX documents.
Cyclonedx Gradle Plugin
⭐
127
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Lc
⭐
113
licensechecker (lc), a command line application which scans directories and identifies what software license things are under, producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Dual-licensed under MIT or the UNLICENSE.
Sbomqs
⭐
109
SBOM quality score - Quality metrics for your sboms
Tools
⭐
101
SPDX Tools
Scancode.io
⭐
88
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Packer Cli
⭐
87
💥 Full-fledged CLI tool to generate and package node modules compliant with Browser and NodeJS. Packer CLI supports all modern style, unit test and script transpiler tools
Spdx License List
⭐
84
List of SPDX licenses
Cyclonedx Core Java
⭐
61
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Cyclonedx Rust Cargo
⭐
61
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Copywrite
⭐
56
Automate copyright headers and license files at scale
Opossumui
⭐
54
A light-weight app to audit and inventory large codebases for open source license compliance.
Sbom Utility
⭐
52
Utility that provides an API platform for validating, querying and managing BOM data
Covenant
⭐
52
A tool to generate SBOM (Software Bill of Material) from source code artifacts.
Cyclonedx Python Lib
⭐
50
Python library for CycloneDX
License Expression
⭐
42
Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX or any other license id scheme.
Licenses
⭐
42
Japanese reference translations of the OSI approved open source licenses
Bombon
⭐
39
Nix CycloneDX Software Bills of Materials (SBOMs)
Pcap
⭐
38
Provides JVM network packet processing library for rapid development.
Cyclonedx Php Composer
⭐
37
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Sbomasm
⭐
32
SBOM Assembler - A tool to compose your various sboms into a single sbom.
Spdx License Ids
⭐
31
a list of SPDX license identifiers
Sw360portal
⭐
30
We have moved and *archived* this repository. Pls. continue at the new place at https://github.com/eclipse/sw360 ... A software component catalogue application - designed to work with FOSSology.
Spdx Java Library
⭐
30
Java library which implements the Java object model for SPDX and provides useful helper functions
Spdx License Diff
⭐
30
Chrome/Firefox browser extension to compare text against spdx license list
Cavil
⭐
30
The legal review and SBOM system used by SUSE and openSUSE
Spdx License Matcher
⭐
23
A tool to match license text with SPDX license list using an algorithm which finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.
Cyclonedx Conan
⭐
23
Creates CycloneDX Software Bill of Materials (SBOM) documents for C/C++ projects using Conan
Cyclonedx Webpack Plugin
⭐
22
Create CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
Sbom4python
⭐
21
A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
Go Spdx
⭐
20
Golang library for listing and looking up licenses using SPDX IDs.
Sbomdiff
⭐
16
This tool compares two Software Bill of Materials (SBOMs) and reports the differences.
License Ls
⭐
15
Get a list of licenses used by a project's dependencies
Ort Ci Github Action
⭐
15
Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs
Sbomgr
⭐
14
SBOM Grep - search through SBOMs
Spdx
⭐
13
A .NET library that makes it easy to retrieve information about SPDX licenses.
Sbom Landscape
⭐
13
SPDX SBOM Landscape
Cyclonedx Javascript Library
⭐
12
Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
Cyclonedx Ruby Gem
⭐
11
Creates CycloneDX Software Bill of Materials (SBOM) from Ruby projects
Lib4sbom
⭐
11
Library to ingest and generate SBOMs
Spdx Licenses
⭐
11
SPDX license and identifier lookup
Dejacode
⭐
11
Automate open source license compliance and ensure software supply chain integrity
Cargo Spdx
⭐
11
Generate an SPDX Software Bill of Materials for Rust crates.
Spdx.el
⭐
10
Insert SPDX license header
Spdx To Dependency Graph Action
⭐
10
A GitHub Action that takes SPDX SBOMs and uploads them to GitHub's dependency submission API to power Dependabot alerts
Sbom2doc
⭐
10
Transform SBOM contents into a formatted document including markdown and PDF formats
Obom_cli
⭐
10
Tool to inspect and push an SPDX document as an OCI artifact
Conformance
⭐
9
☑️ Module to check SPDX license expression conformance and surface meta information about license expressions
Sbom Rs
⭐
9
A group of Rust projects for interacting with and producing software bill of materials (SBOMs).
Lice
⭐
9
Dead simple, minimal SPDX License generator library written in Rust.
Meta Wr Sbom
⭐
8
A CLI tool for generating a Software Bill of Materials (SBOM) from Yocto Project.
Ort Ci Gitlab
⭐
7
Use ORT in your GitLab pipelines
Surfactant
⭐
7
Modular framework for SBOM generation that gathers file information and analyzes dependencies
License
⭐
7
Provides embedded license information from SPDX.
Spdx Rs
⭐
6
SPDX Documents in Rust
Cyclonedx Php Library
⭐
6
PHP Implementation of CycloneDX Bill of Materials (BOM)
Tools Licenses
⭐
6
A Clojure tools.build task library related to dependency licenses.
License Coverage Grader
⭐
6
This is a tool which takes an SPDX document and a pointer to the original source files, and determines a "grade" score to quantify how complete the licensing information is at the file level for the code represented by the SPDX document.
Cyclonedx Authoring Tool
⭐
5
An experimental user interface for manually creating, editing, and viewing CycloneDX SBOMs
Spdx License Match
⭐
5
Match text against SPDX-known licenses
1-81 of 81 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.