CycloneDX / cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
☆136Updated this week
Related projects ⓘ
Alternatives and complementary repositories for cyclonedx-gomod
- Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)☆79Updated last week
- Go library for sarif - Static Analysis Results Interchange Format☆66Updated 3 months ago
- Dependency Parser for Multiple Programming Languages☆146Updated 5 months ago
- Go implementation of the package url spec☆54Updated 3 months ago
- Reliable project licenses detector.☆131Updated 5 months ago
- Static Analysis Library for Containers☆199Updated last year
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆131Updated last week
- Collection of Go packages to work with SPDX files☆128Updated 3 months ago
- 🚰 Static taint analysis for Go programs.☆57Updated 3 months ago
- Utility that provides an API and CLI to identify licenses and legal terms☆42Updated 5 months ago
- [mirror] the database client and tools for the Go vulnerability database☆394Updated last week
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆61Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data☆95Updated this week
- A BOM repository server for distributing CycloneDX BOMs☆74Updated 8 months ago
- foundation modules for scanning container packages and reporting vulnerabilities☆144Updated this week
- A tool to create, transform and attest VEX metadata☆117Updated last week
- ☆175Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆221Updated 3 months ago
- A Go library for CPE (A Common Platform Enumeration 2.3)☆34Updated last year
- Open Source Vulnerability schema.☆185Updated this week
- Publishes BOMs to Dependency-Track from GitHub Actions☆47Updated last month
- Go library for Sigstore signing and verification☆48Updated this week
- go library for processing container images and simulating a squash filesystem☆82Updated last week
- Go client library for OWASP Dependency-Track☆22Updated 2 weeks ago
- ✨🔐 CNCF Fuzzers☆113Updated this week
- ☆95Updated this week
- A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index☆566Updated last month
- Trivy's misconfiguration scanning engine☆215Updated 7 months ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆89Updated 3 weeks ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year