A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.
☆66Jun 22, 2026Updated last week
Alternatives and similar repositories for fosstars-rating-core
Users that are interested in fosstars-rating-core are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- GitHub action to produce a SBOM report from a given Black Duck project☆12Feb 5, 2026Updated 4 months ago
- A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).☆12Jul 12, 2025Updated 11 months ago
- ⚠️ DEPRECATED ⚠️ CI/CD tooling for the SAP Ecosystem, integrated with GitHub Actions☆54Apr 7, 2026Updated 2 months ago
- A java api and command line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specific…☆20Sep 8, 2023Updated 2 years ago
- Generates SPDX bill-of-material files from a package input and license scan☆13Apr 15, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Service to scan licenses from source code☆12Aug 14, 2023Updated 2 years ago
- WARNING - Work in Progress - It is not Bug Free! Use with Caution. This repository contains Dockerfiles and accompanying scripts that all…☆13Jun 22, 2022Updated 4 years ago
- ☆15Jul 27, 2023Updated 2 years ago
- A collection of scripts for license compliance scanning, mostly experimental☆21Jun 16, 2025Updated last year
- Docker CI scripts☆12Nov 24, 2025Updated 7 months ago
- A reimplementation of LastPyMile: A Python-based library to Identify the differences between build artifacts of PyPI packages and the res…☆15Jan 8, 2022Updated 4 years ago
- OSS License Open Data☆12Jun 28, 2019Updated 7 years ago
- OSS License Simple Viewer is a simple Excel-based tool as OSS license reference for engineers.☆14Nov 20, 2020Updated 5 years ago
- GitHub Action to get a license overview in SPDX format☆14Dec 24, 2021Updated 4 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆56Jan 26, 2026Updated 5 months ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Jan 27, 2025Updated last year
- License Identifier☆15Mar 25, 2021Updated 5 years ago
- A code repository for hosting demo code to optimize the startup performance☆12Feb 21, 2017Updated 9 years ago
- Report missing advisories and corrections on OSS Index☆18Jan 19, 2023Updated 3 years ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 3 years ago
- UI5 Tools for vscode☆17May 28, 2026Updated last month
- OpenUI5 control for QR codes☆12Aug 24, 2016Updated 9 years ago
- ABAP RayTracer☆15Sep 7, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Publications done by Double Open.☆16Jun 5, 2020Updated 6 years ago
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆32Oct 24, 2022Updated 3 years ago
- Provides content useful for IriusRisk threat modelling, including templates, API scripts, libraries and more.☆16Apr 20, 2026Updated 2 months ago
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆34Feb 2, 2026Updated 4 months ago
- A tool to check the security settings of Github Organizations.☆75Feb 9, 2026Updated 4 months ago
- Externalize Java application access to protected resources as log messages.☆45May 29, 2026Updated 3 weeks ago
- SPDX 2.0 document creation and storage☆16Dec 13, 2022Updated 3 years ago
- The future of DevOps☆10Jan 27, 2022Updated 4 years ago
- Library supporting secure keys, and crypto enabled JSON and CBOR☆17Apr 17, 2026Updated 2 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A project to extract model data from a SAP system using SOMIX to visualize with Moose2Model☆31Apr 7, 2026Updated 2 months ago
- AWS ECR scanning slack notifications☆13Jul 19, 2023Updated 2 years ago
- The Software Parts (SParts) lab delivers a Sawtooth-based ledger that provides both accountability and access to the open source componen…☆13Feb 20, 2020Updated 6 years ago
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆14Jun 11, 2026Updated 2 weeks ago
- A bank account statement analyzer☆22Jun 19, 2026Updated last week
- Fedora Cyber Test Lab offers quantitative static and dynamic risk analysis of binaries☆13Feb 11, 2018Updated 8 years ago
- The SAP Cloud SDK documentation and support repository.☆52Updated this week