CycloneDX / cyclonedx-node-npm
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
☆86Updated this week
Alternatives and similar repositories for cyclonedx-node-npm:
Users that are interested in cyclonedx-node-npm are comparing it to the libraries listed below
- creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects☆127Updated 3 months ago
- Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.☆16Updated this week
- GitHub action to generate a CycloneDX SBOM for Node.js☆21Updated 3 months ago
- Check npm dependencies' package.json for license compatibility (aka compliance check) with the current project based on spdx notation and…☆95Updated last year
- Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.☆26Updated this week
- Collection of security best practices for package managers.☆162Updated 2 years ago
- Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.☆22Updated this week
- [GitHub] A Command Line ToolKit for GitHub Security Alert.☆27Updated 5 months ago
- Extract NPM package licenses. Enhanced and updated fork of Dav Glass' original (but abandoned) license-checker.☆157Updated 2 weeks ago
- A BOM repository server for distributing CycloneDX BOMs☆77Updated last year
- Create SBOMs in CycloneDX format for your Vite or Rollup projects with ease☆11Updated 2 weeks ago
- The goal of this project is to provide additional features on top of the existing npm audit options☆123Updated 8 months ago
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆354Updated 5 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆34Updated 2 months ago
- Enrich SBOMs with data from third party services☆171Updated last month
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆396Updated this week
- TSLint security rules☆69Updated 4 years ago
- A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…☆145Updated this week
- Official GitHub Action for OpenSSF Scorecard.☆296Updated this week
- ESLint Plugin focused on common security issues and misconfigurations.☆40Updated 2 months ago
- Source for the website providing online SPDX tools☆67Updated last month
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆564Updated last month
- Generate a score for your sbom to understand if it will actually be useful.☆229Updated 8 months ago
- JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…☆28Updated 11 months ago
- Audits an NPM package.json file to identify known vulnerabilities.☆227Updated 5 months ago
- `zx`-based release script as `semantic-release` alternative (PoC)☆58Updated 5 months ago
- A JSON Schema Viewer for any JSON Schema on earth.☆150Updated 3 weeks ago
- The Socket CLI☆133Updated last week
- Sunshine - SBOM visualization tool☆43Updated last month
- Find security vulnerabilities in open source npm packages while you code☆205Updated 3 years ago