SAP / fosstars-rating-coreView external linksLinks
A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.
☆64Apr 5, 2025Updated 10 months ago
Alternatives and similar repositories for fosstars-rating-core
Users that are interested in fosstars-rating-core are comparing it to the libraries listed below
Sorting:
- GitHub action to produce a SBOM report from a given Black Duck project☆12Feb 5, 2026Updated last week
- A java api and command line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specific…☆20Sep 8, 2023Updated 2 years ago
- A collection of scripts for license compliance scanning, mostly experimental☆21Jun 16, 2025Updated 8 months ago
- The official Open Component Model Specification☆15Dec 12, 2025Updated 2 months ago
- A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).☆12Jul 12, 2025Updated 7 months ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11Jan 26, 2026Updated 3 weeks ago
- Service to scan licenses from source code☆12Aug 14, 2023Updated 2 years ago
- A license checker for source code written in python☆12Jun 13, 2017Updated 8 years ago
- License Identifier☆14Mar 25, 2021Updated 4 years ago
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆54Jan 26, 2026Updated 3 weeks ago
- Generates SPDX bill-of-material files from a package input and license scan☆13Apr 15, 2024Updated last year
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Jan 27, 2025Updated last year
- Automatically Manage Outside Collaborators Organization-wide☆61Updated this week
- Docker CI scripts☆12Nov 24, 2025Updated 2 months ago
- Kotlin JS SDK for writing GitHub Actions☆16Nov 23, 2022Updated 3 years ago
- SPDX Merge tool☆50Apr 22, 2025Updated 9 months ago
- Monorepo for Identity Box☆20Aug 11, 2024Updated last year
- A bank account statement analyzer☆20Updated this week
- The Disclosure-CLI provides an easy way to access the public api of the FOSS Disclosure Portal. It is the recommended tool for external s…☆18Dec 29, 2025Updated last month
- A Java library for calculating CVSSv2, CVSSv3, and CVSSv4 scores and vectors☆51Jan 22, 2026Updated 3 weeks ago
- Automating Compliance Tooling Project☆22Jan 28, 2022Updated 4 years ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 2 years ago
- Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs☆33Nov 10, 2025Updated 3 months ago
- Collection of tools for analyzing open source packages.☆357Updated this week
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆33Feb 2, 2026Updated 2 weeks ago
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆33Oct 24, 2022Updated 3 years ago
- KotlinX Serialization Standard Serializers (KS3)☆31Feb 5, 2026Updated last week
- Need to centrally manage and run Actions workflows across multiple repositories? This app does it for you.☆135Apr 30, 2024Updated last year
- A tool to check the security settings of Github Organizations.☆75Feb 9, 2026Updated last week
- Examples of SPDX files for software combinations☆142Nov 15, 2025Updated 3 months ago
- On-prem GitHub Actions runners, backed by Kubernetes☆36Jan 18, 2022Updated 4 years ago
- Sources for the UEFI experiments on https://krinkinmu.github.io/☆35Oct 24, 2023Updated 2 years ago
- Home page of project "KB"☆132Mar 27, 2025Updated 10 months ago
- A small application which needs a better name and collects oss-license metadata and combines it☆32Nov 26, 2025Updated 2 months ago
- Panels from GrimoireLab dashboards☆39Sep 23, 2025Updated 4 months ago
- TOPPERSユーザーズフォーラム:ユーザのためのQ&Aおよび情報交換の場☆12Jun 16, 2022Updated 3 years ago
- A scalable server implementation of the OSS Review Toolkit.☆49Updated this week
- Fleming repo to run semantic search models on databricks on CPU.☆14Jan 29, 2026Updated 2 weeks ago
- FOSSLight Dependency Scanner☆36Updated this week