aboutcode-org / universLinks
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!
☆36Updated 2 weeks ago
Alternatives and similar repositories for univers
Users that are interested in univers are comparing it to the libraries listed below
Sorting:
- PURL to CPE Relationship mapping project.☆91Updated this week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆74Updated 2 weeks ago
- Python implementation of OWASP CycloneDX☆83Updated this week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…☆48Updated this week
- This is a mapping of CPEs to package urls created by using VulnerableCode's data☆10Updated 4 years ago
- Open Source Vulnerability schema.☆202Updated 3 weeks ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆22Updated 5 months ago
- Automate open source license compliance and ensure software supply chain integrity☆32Updated this week
- The model for the information captured in SPDX version 3 standard.☆85Updated last week
- SBOM Edit - Conditional edits and merging of SBOMs☆70Updated last week
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored…☆136Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆67Updated 2 months ago
- Enrich SBOMs with data from third party services☆176Updated 2 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆30Updated last year
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆93Updated last week
- Automating Compliance Tooling Project☆21Updated 3 years ago
- Check SPDX SBOM for NTIA minimum elements☆64Updated last week
- The Keep It Simple Software Bill of Material☆11Updated 3 years ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆99Updated this week
- A small application which needs a better name and collects oss-license metadata and combines it☆32Updated 2 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆314Updated this week
- Utility that provides an API and CLI to identify licenses and legal terms☆51Updated 3 weeks ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆120Updated last week
- Utility that provides an API platform for validating, querying and managing BOM data☆113Updated 3 weeks ago
- Report on quality of SBOM contents☆17Updated 6 months ago
- OSADL license compatibility matrix as a CSV☆16Updated 6 months ago
- Library to ingest and generate SBOMs☆25Updated last week
- CaPyCLI - Python scripts for software license compliance automation with SW360☆19Updated last week
- A Python library to parse, validate and create SPDX documents.☆215Updated 2 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆82Updated last week