aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, the Google Summer of Code, nexB and other generous sponsors!
☆38 Updated 2 months ago
Alternatives and similar repositories for univers
Users that are interested in univers are comparing it to the libraries listed below
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆85 Updated last month
- PURL to CPE Relationship mapping project. ☆106 Updated this week
- Functionality and DataModels of OWASP CycloneDX for Python ☆100 Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆72 Updated 5 months ago
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆58 Updated last week
- Open Source Vulnerability schema. ☆224 Updated last week
- Automate open source license compliance and ensure software supply chain integrity ☆37 Updated last week
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆166 Updated 2 weeks ago
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆40 Updated last year
- This is a mapping of CPEs to package urls created by using VulnerableCode's data ☆10 Updated 5 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆111 Updated 2 weeks ago
- sbomasm: The Complete SBOM Management Toolkit ☆100 Updated last week
- The Keep It Simple Software Bill of Material ☆11 Updated 3 years ago
- A Python library to parse, validate and create SPDX documents. ☆231 Updated last week
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆24 Updated last year
- CaPyCLI - Python scripts for software license compliance automation with SW360 ☆21 Updated 3 weeks ago
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements. ☆76 Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆434 Updated this week
- Enrich SBOMs with data from third party services ☆213 Updated last month
- Utility that provides an API platform for validating, querying and managing BOM data ☆124 Updated 2 weeks ago
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool ☆263 Updated last week
- Utility that converts SBOM documents from CycloneDX to SPDX ☆33 Updated 2 years ago
- OSADL license compatibility matrix as a CSV ☆17 Updated last year
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp… ☆641 Updated last week
- SBOM Search - Context aware search in SBOM repositories ☆29 Updated last month
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat … ☆37 Updated 10 months ago
- SupplyShield is an open-source application security orchestration framework designed to secure your software supply chain from vulnerabil… ☆16 Updated last month
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆466 Updated this week
- Feed parsing for language package manager updates ☆80 Updated last year
- Publications done by Double Open. ☆16 Updated 5 years ago