CycloneDX / cyclonedx-javascript-library

Related projects: ⓘ

• CycloneDX / gh-node-module-generatebom
  GitHub action to generate a CycloneDX SBOM for Node.js
  ☆20Updated 2 months ago
• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆121Updated 2 months ago
• CycloneDX / cyclonedx-node-npm
  Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
  ☆71Updated this week
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆31Updated 2 months ago
• CycloneDX / cyclonedx-node-yarn
  Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
  ☆18Updated this week
• CycloneDX / cyclonedx-webpack-plugin
  Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
  ☆24Updated this week
• oss-review-toolkit / ort-ci-github-action
  Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs
  ☆23Updated 3 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆108Updated 3 weeks ago
• step-security / agent
  Purpose-built security agent for hosted runners
  ☆28Updated last month
• philips-labs / slsa-provenance-action
  Github Action implementation of SLSA Provenance Generation
  ☆47Updated 2 weeks ago
• CycloneDX / cyclonedx.org
  Public website cyclonedx.org
  ☆9Updated this week
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆14Updated this week
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆219Updated last month
• CycloneDX / license-scanner
  Utility that provides an API and CLI to identify licenses and legal terms
  ☆43Updated 3 months ago
• step-security / ai-codewise
  AI-Powered Code Reviews for Best Practices & Security Issues Across Languages
  ☆15Updated last year
• open-feature / js-sdk-contrib
  OpenFeature Providers and Hooks for JavaScript
  ☆35Updated this week
• microsoft / sarif-js-sdk
  JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…
  ☆24Updated 3 months ago
• cdklabs / node-sscaff
  Stupid scaffolding: copies an entire directory with variable substitution
  ☆20Updated this week
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆39Updated last week
• DependencyTrack / gh-upload-sbom
  Publishes BOMs to Dependency-Track from GitHub Actions
  ☆41Updated 3 weeks ago
• IBM / gauge
  Measure release insights and recommendations for open-source dependencies. Note: this project is archived.
  ☆11Updated last year
• CycloneDX / cyclonedx-bom-repo-server
  A BOM repository server for distributing CycloneDX BOMs
  ☆73Updated 6 months ago
• openvex / spec
  OpenVEX Specification
  ☆125Updated 2 months ago
• octo-sts / action
  ☆30Updated 4 months ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated 7 months ago
• aws-samples / aws-cdk-cfn-hook
  ☆12Updated 3 weeks ago
• security-alert / security-alert
  [GitHub] A Command Line ToolKit for GitHub Security Alert.
  ☆25Updated 2 weeks ago
• finos / git-proxy
  Deploy custom push protections and policies on top of Git
  ☆101Updated this week
• cdklabs / json2jsii
  Generates jsii-compatible structs from JSON schemas
  ☆20Updated this week
• evryfs / sbom-dependency-submission-action
  Submit SBOMs to GitHub's dependency submission API
  ☆11Updated last year