Alternatives and similar repositories for tools-image:

Users that are interested in tools-image are comparing it to the libraries listed below

• csaf-tools / CVRF-CSAF-Converter
  A CVRF CSAF Converter, taking care about OASIS specification.
  ☆10Updated 3 weeks ago
• swinslow / npm-spdx
  Golang tool to pull and summarize NPM license info
  ☆12Updated 2 years ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated 10 months ago
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆20Updated last year
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆70Updated 3 weeks ago
• ossf / ossf-landscape
  ☆27Updated last week
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆28Updated this week
• ComplianceAsCode / auditree-harvest
  The Auditree data gathering and reporting tool.
  ☆13Updated 5 months ago
• sbomtools / apt2sbom
  apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information
  ☆22Updated 2 years ago
• vwt-digital / sec-helpers
  Collection of dynamic security related helpers
  ☆16Updated 2 years ago
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆39Updated 4 months ago
• interlynk-io / sbomex
  Find & pull public SBOMs
  ☆16Updated 5 months ago
• jpetrucciani / bandit-check
  github action to run the bandit security linter
  ☆14Updated 4 months ago
• CycloneDX / license-scanner
  Utility that provides an API and CLI to identify licenses and legal terms
  ☆43Updated 7 months ago
• thinksabin / DTrackAuditor
  DTrackAuditor is the python script to faciliate usage of DependencyTrack in the CI.
  ☆10Updated 3 weeks ago
• oasis-tcs / openeox
  OASIS OpenEoX TC: The purpose of this repository is to support version control for Work Product artifacts developed by members of the OAS…
  ☆13Updated last week
• CycloneDX / cyclonedx-bom-repo-server
  A BOM repository server for distributing CycloneDX BOMs
  ☆75Updated 10 months ago
• interlynk-io / sbomgr
  SBOM Grep - search through SBOMs
  ☆21Updated last month
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆77Updated last week
• ossf / wg-endusers
  OpenSSF Endusers Working Group
  ☆28Updated 10 months ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• OWASP / packman
  A documentation and tracking project with the goal of making package management systems more secure.
  ☆50Updated 3 years ago
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated this week
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated 9 months ago
• aboutcode-org / container-inspector
  container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…
  ☆35Updated 5 months ago
• kusaridev / spector
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆31Updated last year
• artis3n / course-vault-github-oidc
  Take this course to learn how to create fine-grained, least-privilege HashiCorp Vault roles for GitHub Action workflows using GitHub OIDC…
  ☆13Updated 9 months ago
• butonic / adr-tools
  Command-line tools for working with Architecture Decision Records
  ☆15Updated 3 years ago