aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors!
☆34 Updated 5 months ago
Alternatives and similar repositories for univers:
Users who are interested in univers are comparing it to the libraries listed below.
- Python implementation of OWASP CycloneDX ☆78 Updated last week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆73 Updated 4 months ago
- PURL to CPE Relationship mapping project. ☆83 Updated this week
- Open Source Vulnerability schema. ☆195 Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆64 Updated last month
- Automate open source license compliance and ensure software supply chain integrity ☆29 Updated this week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆41 Updated this week
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆20 Updated 2 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX ☆28 Updated last year
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆128 Updated this week
- The Keep It Simple Software Bill of Material ☆11 Updated 3 years ago
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom. ☆63 Updated this week
- Machine-readable specification for the attestation of security-relevant data. ☆57 Updated last week
- The model for the information captured in SPDX version 3 standard. ☆77 Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆296 Updated this week
- Automating Compliance Tooling Project ☆20 Updated 3 years ago
- Enrich SBOMs with data from third party services ☆161 Updated last month
- Tool for collecting vulnerability data from various sources (used to build the grype database) ☆88 Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ☆111 Updated 2 weeks ago
- Feed parsing for language package manager updates ☆78 Updated 3 months ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆86 Updated last week
- SPDX Merge tool ☆41 Updated 2 weeks ago
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆31 Updated 4 months ago
- Check SPDX SBOM for NTIA minimum elements ☆60 Updated last week
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h… ☆186 Updated 3 weeks ago
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services. ☆69 Updated this week
- A tool to generate a SBOM (Software Bill of Materials) for an installed Python module ☆30 Updated last week
- SBOM quality score - Quality metrics for your sboms ☆196 Updated this week
- A small application which needs a better name and collects oss-license metadata and combines it ☆31 Updated last month