QMSTR / qmstrLinks
QMSTR compliance tool
☆32Updated 3 years ago
Alternatives and similar repositories for qmstr
Users that are interested in qmstr are comparing it to the libraries listed below
Sorting:
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…☆37Updated 5 months ago
- SPDX Tools☆141Updated 2 years ago
- Automating Compliance Tooling Project☆21Updated 3 years ago
- OSPO Landscape☆38Updated 4 months ago
- Examples of SPDX files for software combinations☆134Updated 2 months ago
- Example CLI project to demo API architecture and protobom library☆22Updated this week
- ☆63Updated last year
- A light-weight app to audit and inventory large codebases for open source license compliance.☆66Updated last week
- opengovernance.dev☆41Updated 6 years ago
- This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles☆88Updated 2 months ago
- Prospector permits automated collection of a wide range of metrics of open source projects useful in evaluating the project.☆66Updated 6 years ago
- A small application which needs a better name and collects oss-license metadata and combines it☆32Updated last week
- A specification for signing methods and formats used by Secure Systems Lab projects.☆83Updated 11 months ago
- Publications done by Double Open.☆16Updated 5 years ago
- Machine-readable specification for the attestation of security-relevant data.☆60Updated last month
- Doc, wiki and organizational content for ClearlyDefined☆101Updated 3 weeks ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆99Updated 2 weeks ago
- Open Source Programs (OSPO) Survey☆75Updated 2 months ago
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆42Updated 2 years ago
- A java api and command line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specific…☆20Updated last year
- Documentation and guidance for handling outbound open source for organizations☆21Updated 2 years ago
- CLOMonitor is a tool that periodically checks open source projects repositories to verify they meet certain project health best practices☆136Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆69Updated last month
- Open Source Policy Examples and Templates☆187Updated 2 years ago
- Implementation-agnostic metrics for assessing open source community health. Maintained by the CHAOSS Metrics Committee.☆182Updated 3 years ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆94Updated last week
- The Disclosure-CLI provides an easy way to access the public api of the FOSS Disclosure Portal. It is the recommended tool for external s…☆16Updated 2 weeks ago
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆340Updated last week
- A CLI tool for creating secure by design/default source repos.☆26Updated last year
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆16Updated last week