CycloneDX / cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
☆133 · Updated this week
Related projects:
- Go library to consume and produce CycloneDX Software Bill of Materials (SBOM) ☆72 · Updated this week
- Go library for sarif - Static Analysis Results Interchange Format ☆65 · Updated last month
- Dependency Parser for Multiple Programming Languages ☆143 · Updated 3 months ago
- Go implementation of the package url spec ☆53 · Updated last month
- Collection of Go packages to work with SPDX files ☆120 · Updated last month
- 🚰 Static taint analysis for Go programs. ☆51 · Updated last month
- Reliable project licenses detector. ☆127 · Updated 3 months ago
- Static Analysis Library for Containers ☆199 · Updated last year
- Utility that provides an API and CLI to identify licenses and legal terms ☆43 · Updated 3 months ago
- [mirror] the database client and tools for the Go vulnerability database ☆384 · Updated last week
- A BOM repository server for distributing CycloneDX BOMs ☆73 · Updated 6 months ago
- Utility that provides an API platform for validating, querying and managing BOM data ☆88 · Updated last month
- ☆89 · Updated last month
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity. ☆128 · Updated this week
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services. ☆59 · Updated this week
- Generate a score for your sbom to understand if it will actually be useful. ☆219 · Updated last month
- A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index ☆560 · Updated 5 months ago
- ✨🔐 CNCF Fuzzers ☆111 · Updated this week
- PURL to CPE Relationship mapping project. ☆69 · Updated this week
- Securing Alice's, Bob's and Carl's software supply chain using in-toto ☆86 · Updated 2 weeks ago
- Publishes BOMs to Dependency-Track from GitHub Actions ☆41 · Updated 3 weeks ago
- Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i… ☆21 · Updated 4 years ago
- A tool to create, transform and attest VEX metadata ☆109 · Updated last week
- go library for processing container images and simulating a squash filesystem ☆78 · Updated this week
- in-toto Attestation Framework ☆231 · Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility ☆61 · Updated last year
- A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC. ☆89 · Updated 4 months ago
- Go library for Sigstore signing and verification ☆43 · Updated this week
- A Go library for CPE (A Common Platform Enumeration 2.3) ☆34 · Updated last year
- SBOM quality score - Quality metrics for your sboms ☆161 · Updated this week