aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, the Google Summer of Code, nexB and other generous sponsors!
☆37 Updated this week
Alternatives and similar repositories for univers
Users that are interested in univers are comparing it to the libraries listed below
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆77 Updated this week
- PURL to CPE Relationship mapping project. ☆93 Updated last week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆51 Updated this week
- Python implementation of OWASP CycloneDX ☆85 Updated last week
- This is a mapping of CPEs to package urls created by using VulnerableCode's data ☆10 Updated 5 years ago
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆148 Updated this week
- Open Source Vulnerability schema. ☆206 Updated last week
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆22 Updated 7 months ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆69 Updated last month
- sbomasm: The Complete SBOM Management Toolkit ☆74 Updated this week
- OSS License Open Data ☆12 Updated 6 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆100 Updated 2 weeks ago
- The model for the information captured in SPDX version 3 standard. ☆92 Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX ☆34 Updated last year
- Automate open source license compliance and ensure software supply chain integrity ☆34 Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆326 Updated this week
- OSADL license compatibility matrix as a CSV ☆16 Updated 8 months ago
- A Python library to parse, validate and create SPDX documents. ☆226 Updated last month
- Publications done by Double Open. ☆16 Updated 5 years ago
- Check SPDX SBOM for NTIA minimum elements ☆66 Updated this week
- CaPyCLI - Python scripts for software license compliance automation with SW360 ☆19 Updated last week
- Machine-readable specification for the attestation of security-relevant data. ☆60 Updated last month
- Enrich SBOMs with data from third party services ☆188 Updated this week
- free and open source software license compatibility tool. ☆48 Updated 4 months ago
- The Keep It Simple Software Bill of Material ☆11 Updated 3 years ago
- A taxonomy of all official CycloneDX property namespaces and names ☆18 Updated last week
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆32 Updated 9 months ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp… ☆630 Updated this week
- A small application which needs a better name and collects oss-license metadata and combines it ☆32 Updated last week
- Utility that provides an API and CLI to identify licenses and legal terms ☆51 Updated last month