OpenChain-Project / Reference-MaterialLinks
This repository contains the reference material related to the OpenChain Project
☆98Updated this week
Alternatives and similar repositories for Reference-Material
Users that are interested in Reference-Material are comparing it to the libraries listed below
Sorting:
- Examples of SPDX files for software combinations☆136Updated 3 months ago
- Check SPDX SBOM for NTIA minimum elements☆72Updated this week
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆65Updated last year
- SW360 project☆167Updated this week
- OpenSSF Endusers Working Group☆28Updated last year
- The model for the information captured in SPDX version 3 standard.☆95Updated last week
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆342Updated last week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆104Updated 3 weeks ago
- This is the OpenChain Telco Work Group☆17Updated last week
- This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles☆88Updated 4 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆203Updated 5 months ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆431Updated this week
- ☆36Updated 8 months ago
- ☆102Updated last year
- sbomasm: The Complete SBOM Management Toolkit☆86Updated last week
- A Python library to parse, validate and create SPDX documents.☆226Updated 2 months ago
- ☆22Updated 10 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆84Updated 3 weeks ago
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆56Updated last week
- The SCANOSS python package providing a simple, easy to consume library for interacting with SCANOSS APIs/Engine.☆34Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX☆34Updated last year
- Global Cyber Policy Working Group☆86Updated last month
- OSPO Landscape☆40Updated last month
- PURL to CPE Relationship mapping project.☆95Updated this week
- SPDX Tools☆143Updated 2 years ago
- ☆111Updated last week
- Repository for on-going work as part of the SBOM for AI Tiger Team effort.☆39Updated 2 months ago
- A light-weight app to audit and inventory large codebases for open source license compliance.☆66Updated this week
- Automating Compliance Tooling Project☆22Updated 3 years ago
- Vuln Disclosure WG's new SIG☆11Updated last year