Repository navigation

#

sbom-generator

RetireJS / retire.js 

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

vulnerabilitiesscannerFirefox 插件JavaScriptChrome 插件build-tool安全software-composition-analysissbomsbom-generator
JavaScript
3815
1 个月前
microsoft / sbom-tool 

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

sbomsbom-generator
C#
1763
18 小时前
oss-review-toolkit/ort
oss-review-toolkit / ort 

A suite of tools to automate software compliance checks.

Package manager依赖管理dependency-graphlicensecopyrightspdxcompliancelicense-managementsbomsbom-generatoropen-source-licensingospocyclonedxscaHacktoberfestcradora
Kotlin
1718
17 小时前
lunasec-io / lunasec 

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

tokenizationweb-securitycompliance安全soc2pci-dssgdprzero-trustdevsecopslog4shelldependency-analysisscanningCybersecurityscanning-toolcve-scanningsbomsbom-generatorContinuous Delivery (CD)software-composition-analysis
TypeScript
1444
1 年前
awesomeSBOM / awesome-sbom 

A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

sbomsbom-generatorawesome-reposAwesome Lists
513
5 个月前
trailofbits / it-depends 

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

sbom-generatorsbomdependency-analysisdependency-graphvulnerability-scannerHacktoberfesthacktoberfest2021
Python
357
4 个月前
CycloneDX / cyclonedx-cli 

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

bombill-of-materialspurlpackage-urlsbomcyclonedxspdxowaspsbom-generatorvexHacktoberfest
C#
351
5 个月前
CycloneDX / cyclonedx-maven-plugin 

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

bomspdxMavenmaven-pluginbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorvex
Java
320
1 天前
CycloneDX / cyclonedx-python 

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

Pythonpipbomsbomspdxbill-of-materialspackage-urlpurlcyclonedxowaspsbom-generatorpoetrycondarequirementsenvironmentHacktoberfest
Python
276
5 天前
CycloneDX / cyclonedx-dotnet 

Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

bomspdx.NETbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorHacktoberfestvex
C#
214
1 个月前
CycloneDX / cyclonedx-gradle-plugin 

Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects

bomspdxGradlegradle-pluginbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generator
Java
184
5 天前
tiiuae / sbomnix 

A suite of utilities to help with software supply chain challenges on nix targets

cyclonedxNixsbomsbom-generatorPythonbill-of-materials依赖管理purl安全static-analysisvulnerability-scannerssoftware-supply-chainsoftware-supply-chain-security
Python
168
10 天前
CycloneDX / cyclonedx-gomod 

Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

bill-of-materialsbomsbomGogo-modulesowaspsbom-generatorvex
Go
151
2 天前
CycloneDX / cyclonedx-node-module 

creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects

cyclonedxbomNode.jssbomdependency-graphsbom-generator
127
2 个月前
CycloneDX / cyclonedx-rust-cargo 

Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

bomspdxRustcargocargo-pluginbill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorvex
Rust
124
17 天前
CycloneDX / cyclonedx-node-npm 

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

bill-of-materialsbomcyclonedxNode.jsnpmsbomsbom-generatordependency-graphowaspHacktoberfest
JavaScript
85
11 天前
intelops / compage 

Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, openAPI, cloudevents, etc. Auto generate code after defining requirements in UI as diagram.

backend-servicescode-generationcontainerizationcontainersGraphQLgRPC低代码微服务sbom-generatorsoftware-supply-chain-securityWebAssemblyREST APIGoRustServerlesscosignvisual-applications无代码Hacktoberfest
Go
84
8 个月前
nikstur / bombon 

Nix CycloneDX Software Bills of Materials (SBOMs)

cyclonedxNixsbombill-of-materialsbomlicensesbom-generatorcomponents依赖管理purlspdx
Rust
79
1 个月前
oxsecurity / codetotal 

Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.

code-quality-analyzerInfrastructure as codesastsecrets-detection安全sbomsbom-generatorvulnerability-scannerssupply-chain-security
TypeScript
76
8 个月前
interlynk-io / sbomasm 

SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.

GocyclonedxdevsecopsOpen Sourcesbomsbom-generator安全spdx
Go
69
5 天前