IBM/sbom-utility external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

IBM/sbom-utility

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/IBM/sbom-utility)

Close

IBM / sbom-utilityView on GitHubMore

• External links
• Readme badge

This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility

☆60Apr 17, 2023Updated 3 years ago

Alternatives and similar repositories for sbom-utility

Users that are interested in sbom-utility are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• nyph-infosec / daggerboard

  View on GitHub
  ☆102Sep 27, 2024Updated last year
• SecureStackCo / actions-sbom

  View on GitHub
  A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta…
  ☆25Jun 7, 2023Updated 3 years ago
• dekkagaijin / spiffe-sigstore-tutorial

  View on GitHub
  ☆11Nov 11, 2022Updated 3 years ago
• tacosframework / TACOS-spec

  View on GitHub
  TACOS framework structural details
  ☆20May 12, 2025Updated last year
• CycloneDX / transparency-exchange-api

  View on GitHub
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆108May 20, 2026Updated 3 weeks ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• philips-software / SPDXMerge

  View on GitHub
  SPDX Merge tool
  ☆51May 18, 2026Updated 3 weeks ago
• chainguard-dev / vex

  View on GitHub
  vexctl is a tool to attest VEX impact statements
  ☆45Mar 27, 2023Updated 3 years ago
• armijnhemel / compliance-scripts

  View on GitHub
  A collection of scripts for license compliance scanning, mostly experimental
  ☆21Jun 16, 2025Updated 11 months ago
• omnibor / bomsh

  View on GitHub
  Collection of tools for producing and exploring OmniBOR data.
  ☆22Oct 31, 2024Updated last year
• iriusrisk / OpenThreatModel

  View on GitHub
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆184Dec 11, 2025Updated 6 months ago
• CycloneDX / sbom-utility

  View on GitHub
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆141Updated this week
• Permiso-io-tools / cloudtail

  View on GitHub
  ☆30Jan 13, 2026Updated 4 months ago
• IBM / gauge

  View on GitHub
  Measure release insights and recommendations for open-source dependencies. Note: this project is archived.
  ☆10Jan 3, 2023Updated 3 years ago
• eBay / sbom-scorecard

  View on GitHub
  Generate a score for your sbom to understand if it will actually be useful.
  ☆243Aug 13, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• vmware-samples / sbom-composer

  View on GitHub
  A tool that takes two or more micro SBOMs and composes them into one distributable SBOM
  ☆23Mar 23, 2023Updated 3 years ago
• kissbom / kissbom-spec

  View on GitHub
  The Keep It Simple Software Bill of Material
  ☆11Jan 31, 2022Updated 4 years ago
• sbs2001 / purl2cpe

  View on GitHub
  This is a mapping of CPEs to package urls created by using VulnerableCode's data
  ☆10Aug 14, 2020Updated 5 years ago
• Hitachi / open-license

  View on GitHub
  OSS License Open Data
  ☆12Jun 28, 2019Updated 6 years ago
• wolfi-dev / community

  View on GitHub
  Documents and tools powering the Wolfi OS community
  ☆24Apr 22, 2026Updated last month
• appvia / cosign-keyless-admission-webhook

  View on GitHub
  Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
  ☆24May 28, 2026Updated 2 weeks ago
• org-metaeffekt / metaeffekt-universe

  View on GitHub
  Project providing insights on the metaeffekt license database.
  ☆12May 14, 2026Updated 3 weeks ago
• quic / lid

  View on GitHub
  License Identifier
  ☆15Mar 25, 2021Updated 5 years ago
• eclipse-jbom / jbom

  View on GitHub
  ☆123Apr 15, 2025Updated last year
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• ckotzbauer / sbom-operator

  View on GitHub
  Catalogue all images of a Kubernetes cluster to multiple targets with Syft
  ☆230Updated this week
• philips-software / license-scanner

  View on GitHub
  Service to scan licenses from source code
  ☆12Aug 14, 2023Updated 2 years ago
• liberapay / git-lfs-fetch.py

  View on GitHub
  Lightweight Git Large File Storage fetcher written in python
  ☆34Apr 7, 2023Updated 3 years ago
• chris-short / chkcerts

  View on GitHub
  A Go program to display certificate chains simply and quickly with an easy to remember syntax
  ☆29Mar 28, 2026Updated 2 months ago
• hyperledger-labs / SParts

  View on GitHub
  The Software Parts (SParts) lab delivers a Sawtooth-based ledger that provides both accountability and access to the open source componen…
  ☆13Feb 20, 2020Updated 6 years ago
• devops-kung-fu / hookz

  View on GitHub
  Manages client side git hooks resulting in the ability to create git action pipelines.
  ☆78Jul 5, 2024Updated last year
• hasheddan / veneer

  View on GitHub
  A library for representing OCI image layers in an abstract filesystem
  ☆27Jul 9, 2020Updated 5 years ago
• vinland-technology / flict

  View on GitHub
  free and open source software license compatibility tool.
  ☆53Apr 9, 2025Updated last year
• philips-labs / fatt

  View on GitHub
  fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…
  ☆11May 11, 2026Updated last month
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• ckotzbauer / vulnerability-operator

  View on GitHub
  Scans SBOMs for vulnerabilities with Grype
  ☆87Updated this week
• Excoriate / daggerverse

  View on GitHub
  A collection of Dagger modules powered by Dagger.
  ☆17Aug 3, 2025Updated 10 months ago
• renovatebot / osv-offline

  View on GitHub
  A collection of packages for using security advisories from osv.dev in Node.js.
  ☆21Updated this week
• cdxgen / cdxgen

  View on GitHub
  Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…
  ☆979Jun 4, 2026Updated last week
• tap8stry / orion

  View on GitHub
  Go beyond package manager discovery for SBOM
  ☆18Feb 22, 2022Updated 4 years ago
• kubernetes-retired / contributor-tweets

  View on GitHub
  Repo for automating tweets to the K8sContributor twitter account owned by the k8s Contributor Comms Team within SIG-contribex (https://gi…
  ☆13Sep 8, 2023Updated 2 years ago
• estafette / estafette-vulnerability-scanner

  View on GitHub
  An application that regularly scans all containers in a Kubernetes cluster for vulnerabilities
  ☆50Apr 27, 2023Updated 3 years ago