Alternatives and similar repositories for gh-node-module-generatebom

Users that are interested in gh-node-module-generatebom are comparing it to the libraries listed below

• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆134Updated 3 weeks ago
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆233Updated last year
• ossf / wg-supply-chain-integrity
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆189Updated last year
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆38Updated 4 months ago
• CycloneDX / cyclonedx-node-npm
  Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
  ☆104Updated this week
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆196Updated last month
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆86Updated last week
• Quobis / action-owasp-dependecy-track-check
  Github action to generate BoM and upload to OWASP dependency track for vulnerability analysis
  ☆46Updated last year
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆200Updated last week
• ossf / package-manager-best-practices
  Collection of security best practices for package managers.
  ☆164Updated 3 years ago
• OWASP / OpenCRE
  ☆123Updated 3 weeks ago
• step-security / secure-repo
  Orchestrate GitHub Actions Security
  ☆295Updated 2 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆150Updated 6 months ago
• CycloneDX / cyclonedx-javascript-library
  Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
  ☆19Updated this week
• CycloneDX / cyclonedx-webpack-plugin
  Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
  ☆27Updated this week
• ossf / s2c2f
  The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…
  ☆215Updated 4 months ago
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆431Updated this week
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆72Updated 2 years ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆95Updated last week
• interlynk-io / sbomqs
  sbomqs: The Comprehensive SBOM Quality & Compliance Tool
  ☆245Updated last week
• sigstore / sigstore-js
  Code-signing for npm packages
  ☆169Updated this week
• microsoft / sarif-js-sdk
  JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…
  ☆29Updated last year
• snyk-labs / github-actions-scanner
  Scans your Github Actions for security issues
  ☆86Updated last week
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆159Updated this week
• ossf / scorecard-action
  Official GitHub Action for OpenSSF Scorecard.
  ☆337Updated last week
• OpenChain-Project / SBOM-sg
  This is the GitHub repo of the OpenChain SBOM Study Group
  ☆12Updated 2 months ago
• nyph-infosec / daggerboard
  ☆102Updated last year
• ossf / tac
  Technical Advisory Council
  ☆131Updated this week
• openvex / spec
  OpenVEX Specification
  ☆159Updated 4 months ago
• spdx / ntia-conformance-checker
  Check SPDX SBOM for NTIA minimum elements
  ☆72Updated this week