CycloneDX / gh-python-generate-sbom
GitHub action to generate a CycloneDX SBOM for Python
☆14Updated 2 weeks ago
Alternatives and similar repositories for gh-python-generate-sbom:
Users that are interested in gh-python-generate-sbom are comparing it to the libraries listed below
- Publishes BOMs to Dependency-Track from GitHub Actions☆48Updated 3 months ago
- Python implementation of OWASP CycloneDX☆73Updated this week
- A BOM repository server for distributing CycloneDX BOMs☆75Updated 10 months ago
- Utility that provides an API platform for validating, querying and managing BOM data☆99Updated 2 months ago
- Sharing software supply chain security open source projects☆43Updated 2 years ago
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆62Updated this week
- Enrich SBOMs with data from third party services☆152Updated this week
- Utility that provides an API and CLI to identify licenses and legal terms☆43Updated 7 months ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆72Updated 3 months ago
- SPDX Merge tool☆39Updated 4 months ago
- Software Component Verification Standard (SCVS)☆138Updated 9 months ago
- Open Source Vulnerability schema.☆190Updated last week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆77Updated last week
- Check SPDX SBOM for NTIA minimum elements☆58Updated this week
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆57Updated 9 months ago
- OPENSSF SECURITY INSIGHTS: Repository for development of the draft standard, where requests for modification should be made via Github Is…☆56Updated 2 weeks ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆19Updated last week
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆104Updated last month
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆49Updated 2 weeks ago
- Feed parsing for language package manager updates☆76Updated last month
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆32Updated 2 years ago
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆155Updated last week
- Compare vulnerability scanners results (to make them better!)☆16Updated 2 weeks ago
- Generate a score for your sbom to understand if it will actually be useful.☆224Updated 5 months ago
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3☆89Updated 2 months ago
- PURL to CPE Relationship mapping project.☆82Updated this week
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆66Updated this week