aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, the Google Summer of Code, nexB and other generous sponsors!
☆32 Updated 3 weeks ago
Related projects
Alternatives and complementary repositories for univers
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆70 Updated last week
- PURL to CPE Relationship mapping project. ☆76 Updated this week
- Python implementation of OWASP CycloneDX ☆69 Updated last week
- Automate open source license compliance and ensure software supply chain integrity ☆25 Updated this week
- The model for the information captured in SPDX version 3 standard. ☆70 Updated 2 weeks ago
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom. ☆57 Updated last week
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆117 Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆58 Updated 2 weeks ago
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆35 Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX ☆29 Updated 9 months ago
- Feed parsing for language package manager updates ☆71 Updated this week
- Open Source Vulnerability schema. ☆184 Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆247 Updated this week
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆19 Updated last year
- The Keep It Simple Software Bill of Material ☆11 Updated 2 years ago
- Automating Compliance Tooling Project ☆20 Updated 2 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆70 Updated last month
- SPDX Tools ☆130 Updated last year
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners ☆12 Updated 3 weeks ago
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆26 Updated last week
- Utility that provides an API platform for validating, querying and managing BOM data ☆94 Updated this week
- Utility that provides an API and CLI to identify licenses and legal terms ☆43 Updated 4 months ago
- A Python library to parse, validate and create SPDX documents. ☆187 Updated last month
- Check SPDX SBOM for NTIA minimum elements ☆53 Updated this week
- CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments ☆256 Updated this week
- Tool for collecting vulnerability data from various sources (used to build the grype database) ☆75 Updated this week
- SBOM quality score - Quality metrics for your sboms ☆184 Updated this week
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h… ☆179 Updated 3 months ago
- OpenVEX Specification ☆130 Updated 3 months ago
- A web based tool for working with CycloneDX BOMs ☆30 Updated 2 months ago