aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!
☆35Updated 6 months ago
Alternatives and similar repositories for univers:
Users that are interested in univers are comparing it to the libraries listed below
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…☆45Updated this week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆74Updated last week
- PURL to CPE Relationship mapping project.☆86Updated this week
- Python implementation of OWASP CycloneDX☆80Updated 2 weeks ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆65Updated 2 weeks ago
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆69Updated 2 weeks ago
- Automate open source license compliance and ensure software supply chain integrity☆31Updated this week
- Open Source Vulnerability schema.☆198Updated last week
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆21Updated 2 months ago
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored…☆130Updated this week
- The model for the information captured in SPDX version 3 standard.☆81Updated last week
- Utility that converts SBOM documents from CycloneDX to SPDX☆28Updated last year
- This is a mapping of CPEs to package urls created by using VulnerableCode's data☆9Updated 4 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆88Updated last week
- Automating Compliance Tooling Project☆21Updated 3 years ago
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆50Updated this week
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences.☆31Updated 5 months ago
- SBOM quality score - Quality metrics for your sboms☆205Updated last week
- Feed parsing for language package manager updates☆78Updated 4 months ago
- The Keep It Simple Software Bill of Material☆11Updated 3 years ago
- Machine-readable specification for the attestation of security-relevant data.☆59Updated last week
- Report on quality of SBOM contents☆17Updated 3 months ago
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆64Updated 10 months ago
- Enrich SBOMs with data from third party services☆165Updated 2 weeks ago
- Check SPDX SBOM for NTIA minimum elements☆62Updated 2 weeks ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…☆571Updated this week
- Sbommage is an interactive terminal frontend for viewing Software Bill of Materials (SBOM) files in various formats.☆26Updated 2 months ago
- OpenVEX Specification☆144Updated 2 weeks ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆92Updated last week
- CaPyCLI - Python scripts for software license compliance automation with SW360☆16Updated last week