aboutcode-org / container-inspectorLinks
container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relate to each other. It can also handle OCI images and Dockerfiles.
☆37Updated 5 months ago
Alternatives and similar repositories for container-inspector
Users that are interested in container-inspector are comparing it to the libraries listed below
Sorting:
- QMSTR compliance tool☆32Updated 3 years ago
- SPDX Tools☆142Updated 2 years ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆69Updated last month
- Automating Compliance Tooling Project☆21Updated 3 years ago
- Machine-readable specification for the attestation of security-relevant data.☆61Updated last month
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…☆52Updated this week
- Automate open source license compliance and ensure software supply chain integrity☆34Updated 2 weeks ago
- AboutCode Toolkit provides a simple way to document provenance metadata (origin and license) about third-party code that you use in your…☆98Updated 2 months ago
- GitHub Action to get a license overview in SPDX format☆14Updated 3 years ago
- Service to scan licenses from source code☆12Updated 2 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆100Updated 3 weeks ago
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored…☆148Updated last week
- ☆65Updated last year
- Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs…☆37Updated last week
- Examples of SPDX files for software combinations☆135Updated 2 months ago
- A CLI tool for creating secure by design/default source repos.☆26Updated last year
- Doc, wiki and organizational content for ClearlyDefined☆101Updated 3 weeks ago
- free and open source software license compatibility tool.☆48Updated 4 months ago
- This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles☆88Updated 2 months ago
- Project providing insights on the metaeffekt license database.☆11Updated this week
- sbomasm: The Complete SBOM Management Toolkit☆75Updated last week
- A light-weight app to audit and inventory large codebases for open source license compliance.☆66Updated last week
- SBOM Search - Context aware search in SBOM repositories☆28Updated last week
- A Python library to parse, validate and create SPDX documents.☆226Updated last month
- Prospector permits automated collection of a wide range of metrics of open source projects useful in evaluating the project.☆66Updated 6 years ago
- Search an SBOM for licenses and the packages they belong to☆100Updated this week
- Sbommage is an interactive terminal frontend for viewing Software Bill of Materials (SBOM) files in various formats.☆32Updated last week
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆94Updated 2 weeks ago
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆341Updated last week
- PURL to CPE Relationship mapping project.☆93Updated this week