aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, the Google Summer of Code, nexB and other generous sponsors!
☆37 Updated last week
Alternatives and similar repositories for univers
Users that are interested in univers are comparing it to the libraries listed below
- PURL to CPE Relationship mapping project. ☆91 Updated this week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆75 Updated this week
- Python implementation of OWASP CycloneDX ☆84 Updated this week
- This is a mapping of CPEs to package urls created by using VulnerableCode's data ☆10 Updated 4 years ago
- Open Source Vulnerability schema. ☆205 Updated this week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆51 Updated this week
- Automate open source license compliance and ensure software supply chain integrity ☆33 Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆96 Updated 2 weeks ago
- Utility that converts SBOM documents from CycloneDX to SPDX ☆34 Updated last year
- OSS License Open Data ☆12 Updated 6 years ago
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆142 Updated this week
- SBOM Edit - Conditional edits and merging of SBOMs ☆74 Updated last week
- OSADL license compatibility matrix as a CSV ☆16 Updated 7 months ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆68 Updated 2 weeks ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆22 Updated 6 months ago
- SBOM Assess - Evaluate SBOM quality and compliance ☆221 Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆322 Updated this week
- The model for the information captured in SPDX version 3 standard. ☆91 Updated this week
- Check SPDX SBOM for NTIA minimum elements ☆66 Updated last week
- CaPyCLI - Python scripts for software license compliance automation with SW360 ☆19 Updated last week
- Machine-readable specification for the attestation of security-relevant data. ☆60 Updated 2 weeks ago
- Publications done by Double Open. ☆16 Updated 5 years ago
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆32 Updated 9 months ago
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h… ☆194 Updated this week
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc) ☆199 Updated 3 months ago
- A small application which needs a better name and collects oss-license metadata and combines it ☆32 Updated 3 months ago
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat… ☆38 Updated 4 months ago
- The Keep It Simple Software Bill of Material ☆11 Updated 3 years ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆406 Updated last week
- A standard API specification for exchanging supply chain artifacts and intelligence ☆83 Updated last month