aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, the Google Summer of Code, nexB and other generous sponsors!
☆37 Updated 3 weeks ago
Alternatives and similar repositories for univers
Users that are interested in univers are comparing it to the libraries listed below
- PURL to CPE Relationship mapping project. ☆94 Updated this week
- Automate open source license compliance and ensure software supply chain integrity ☆34 Updated last month
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆78 Updated last week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆52 Updated this week
- Python implementation of OWASP CycloneDX ☆85 Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆69 Updated last month
- This is a mapping of CPEs to package urls created by using VulnerableCode's data ☆10 Updated 5 years ago
- Open Source Vulnerability schema. ☆207 Updated this week
- OSS License Open Data ☆12 Updated 6 years ago
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆149 Updated this week
- The Keep It Simple Software Bill of Material ☆11 Updated 3 years ago
- A Python library to parse, validate and create SPDX documents. ☆225 Updated 2 months ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆102 Updated this week
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆23 Updated 7 months ago
- CaPyCLI - Python scripts for software license compliance automation with SW360 ☆19 Updated last month
- Utility that converts SBOM documents from CycloneDX to SPDX ☆34 Updated last year
- OSADL license compatibility matrix as a CSV ☆16 Updated 9 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc) ☆201 Updated 5 months ago
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆32 Updated 10 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆333 Updated this week
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp… ☆629 Updated this week
- Check SPDX SBOM for NTIA minimum elements ☆67 Updated this week
- sbomasm: The Complete SBOM Management Toolkit ☆78 Updated this week
- SupplyShield is an open-source application security orchestration framework designed to secure your software supply chain from vulnerabil… ☆14 Updated 9 months ago
- Publications done by Double Open. ☆16 Updated 5 years ago
- Feed parsing for language package manager updates ☆78 Updated 9 months ago
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat… ☆37 Updated 6 months ago
- Project providing insights on the metaeffekt license database. ☆12 Updated 2 weeks ago
- free and open source software license compatibility tool. ☆48 Updated 5 months ago
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon… ☆191 Updated this week