Topic: spdx Goto Github
Some thing interesting about spdx
Some thing interesting about spdx
spdx,Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX or any other license id scheme.
Organization: aboutcode-org
Home Page: http://aboutcode.org
spdx,:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
Organization: aboutcode-org
Home Page: https://github.com/aboutcode-org/scancode-toolkit/releases/
spdx,ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
Organization: aboutcode-org
Home Page: https://scancodeio.readthedocs.io
spdx,CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Organization: anchore
spdx,Provides JVM network packet processing library for rapid development.
User: ardikars
Home Page: https://pcap.ardikars.com
spdx,licensechecker (lc) a command line application which scans directories and identifies what software license things are under producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Dual-licensed under MIT or the UNLICENSE.
User: boyter
spdx,Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Organization: chainloop-dev
Home Page: https://docs.chainloop.dev
spdx,CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Organization: cyclonedx
Home Page: https://cyclonedx.org
spdx,Python implementation of OWASP CycloneDX
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Utility that provides an API platform for validating, querying and managing BOM data
Organization: cyclonedx
spdx,OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
Organization: cyclonedx
Home Page: https://cyclonedx.org/
spdx,Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Organization: devops-kung-fu
spdx,📜 Cargo plugin to generate list of all licenses for a crate 🦀
Organization: embarkstudios
Home Page: http://embark.rs
spdx,FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.
Organization: fossology
Home Page: https://fossology.github.io/
spdx,reuse is a tool for compliance with the REUSE recommendations.
Organization: fsfe
Home Page: https://reuse.software
spdx,SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.
Organization: interlynk-io
spdx,SBOM quality score - Quality metrics for your sboms
Organization: interlynk-io
spdx,a list of SPDX license identifiers
Organization: jslicense
Home Page: https://spdx.org/licenses/
spdx,🎁 wraps all package managers with a unifying CLI
User: kdeldycke
Home Page: https://kdeldycke.github.io/meta-package-manager
spdx,A utility to generate SPDX-compliant Bill of Materials manifests
Organization: kubernetes-sigs
Home Page: https://kubernetes-sigs.github.io/bom/
spdx,Nix CycloneDX Software Bills of Materials (SBOMs)
User: nikstur
spdx,Japanese reference translations of the OSI approved open source licenses
Organization: opensource-jp
Home Page: https://licenses.opensource.jp/
spdx,A light-weight app to audit and inventory large codebases for open source license compliance.
Organization: opossum-tool
spdx,A suite of tools to automate software compliance checks.
Organization: oss-review-toolkit
Home Page: https://oss-review-toolkit.org
spdx,A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
Organization: package-url
Home Page: https://github.com/package-url/purl-spec
spdx,A tool to generate SBOM (Software Bill of Material) from source code artifacts.
User: patriksvensson
spdx,List of SPDX licenses
User: sindresorhus
spdx,Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON
Organization: spdx
spdx,Java library which implements the Java object model for SPDX and provides useful helper functions
Organization: spdx
spdx,Chrome/Firefox browser extension to compare text against spdx license list
Organization: spdx
spdx,A tool to match license text with SPDX license list using a an algorithm with finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.
Organization: spdx
spdx,The SPDX specification in MarkDown and HTML formats.
Organization: spdx
Home Page: https://spdx.github.io/spdx-spec/
spdx,A Python library to parse, validate and create SPDX documents.
Organization: spdx
Home Page: http://spdx.org
spdx,Reliable project licenses detector.
Organization: src-d
spdx,We have moved and *archived* this repository. Pls. continue at the new place at https://github.com/eclipse/sw360 ... A software component catalogue application - designed to work with FOSSology.
Organization: sw360
spdx,Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Organization: tern-tools
spdx,OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Organization: xmirrorsecurity
Home Page: https://opensca.xmirror.cn
spdx,:boom: Full-fledged CLI tool to generate and package node modules compliant with Browser and NodeJS. Packer CLI support all modern style, unit test and script transpiler tools
User: yohangz
Home Page: http://bit.ly/packer-cli
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.