Repository navigation

#

purl

DependencyTrack/dependency-track
DependencyTrack / dependency-track 

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

owaspappsec安全bomvulnerabilitiescomponent-analysisnvdsoftware-securitysoftware-composition-analysisscabill-of-materialspackage-urlpurlvulnerability-detectionossindexsbomdevsecopssecurity-automationcyclonedxHacktoberfest
Java
3275
2 天前
aboutcode-org / scancode-toolkit 

🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

licensecopyrightpackages依赖管理spdxprovenancelicense-scanlicensingspdx-licensesopen-source-licensinglicense-checkingsoftware-composition-analysispurlpackage-urlsbomscacyclonedxdependency-graph
Python
2383
11 天前
package-url / purl-spec 

A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

purlpackage-urlpackageurlcyclonedx依赖管理package-managementsbomspdx
Python
890
2 天前
CycloneDX / cdxgen 

Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server

bomscacyclonedxsbomDockerocicontainersowasppackage-urlpurl
JavaScript
797
2 小时前
aboutcode-org / vulnerablecode 

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Common Vulnerabilities and Exposures (CVE)安全vulnerability-detectionvulnerabilityvulnerability-databasesvulnerability-scannersossindexsnyknvdcvsspackage-urlpurl
Python
632
3 天前
CycloneDX / cyclonedx-cli 

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

bombill-of-materialspurlpackage-urlsbomcyclonedxspdxowaspsbom-generatorvexHacktoberfest
C#
410
5 天前
CycloneDX / cyclonedx-maven-plugin 

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

bomspdxMavenmaven-pluginbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorvex
Java
335
10 天前
CycloneDX / cyclonedx-python 

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

Pythonpipbomsbomspdxbill-of-materialspackage-urlpurlcyclonedxowaspsbom-generatorpoetrycondarequirementsenvironmentHacktoberfest
Python
332
1 天前
aboutcode-org / aboutcode 

AboutCode project: tools and data to uncover things about code: the provenance, origin, license, and more (packages, security, quality, etc.) of FOSS code. Get started at https://aboutcode.readthedocs.io/

licensepurlsbomsca安全
Batchfile
242
6 天前
CycloneDX / cyclonedx-dotnet 

Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

bomspdx.NETbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorHacktoberfestvex
C#
237
1 个月前
tiiuae / sbomnix 

A suite of utilities to help with software supply chain challenges on nix targets

cyclonedxNixsbomsbom-generatorPythonbill-of-materials依赖管理purl安全static-analysisvulnerability-scannerssoftware-supply-chainsoftware-supply-chain-security
Python
204
2 天前
CycloneDX / cyclonedx-gradle-plugin 

Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects

bomspdxGradlegradle-pluginbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorHacktoberfest
Java
200
2 天前
aboutcode-org / scancode.io 

ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!

scasoftware-composition-analysisOpen SourcelicenseDockervirtual-machinecyclonedxpackage-urlpurlspdxvulnerabilities
Python
149
1 天前
CycloneDX / cyclonedx-rust-cargo 

Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

bomspdxRustcargocargo-pluginbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorvex
Rust
143
4 天前
AppThreat / vulnerability-db 

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers.

vulnerability-detectionCommon Vulnerabilities and Exposures (CVE)nvd命令行界面scaadvisories数据库purl
Python
129
2 个月前
CycloneDX / sbom-utility 

Utility that provides an API platform for validating, querying and managing BOM data

sbombomcyclonedxspdxvexbill-of-materialsHacktoberfestowasppackage-urlpurl
Go
120
11 天前
nikstur / bombon 

Nix CycloneDX Software Bills of Materials (SBOMs)

cyclonedxNixsbombill-of-materialsbomlicensesbom-generatorcomponents依赖管理purlspdx
Rust
103
1 天前
CycloneDX / cyclonedx-core-java 

CycloneDX SBOM Model and Utils for Creating and Validating BOMs

bomspdxbill-of-materialspackage-urlpurlsbomcyclonedxowaspvexLibrary
Java
97
2 天前
CycloneDX / cyclonedx-python-lib 

Python implementation of OWASP CycloneDX

Pythonowaspbomspdxbill-of-materialspurlpackage-urlsbomcyclonedxvexattestationLibraryHacktoberfest
Python
87
8 小时前
package-url / packageurl-python 

Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors.

purlpackage-urlLibraryPythonHacktoberfest
Python
79
1 个月前