aboutcode-org / univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, the Google Summer of Code, nexB and other generous sponsors!
☆37 Updated 3 weeks ago
Alternatives and similar repositories for univers
Users that are interested in univers are comparing it to the libraries listed below
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆79 Updated last month
- PURL to CPE Relationship mapping project. ☆95 Updated this week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner… ☆52 Updated last week
- This is a mapping of CPEs to package urls created by using VulnerableCode's data ☆10 Updated 5 years ago
- Python implementation of OWASP CycloneDX ☆87 Updated last week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX … ☆69 Updated 2 months ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents ☆23 Updated 8 months ago
- Open Source Vulnerability schema. ☆208 Updated last week
- Automate open source license compliance and ensure software supply chain integrity ☆34 Updated 2 weeks ago
- sbomasm: The Complete SBOM Management Toolkit ☆86 Updated last week
- OSS License Open Data ☆12 Updated 6 years ago
- Check SPDX SBOM for NTIA minimum elements ☆72 Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆104 Updated 3 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆354 Updated this week
- The Keep It Simple Software Bill of Material ☆11 Updated 3 years ago
- NVD API 2.0 client for CVE information ☆13 Updated 4 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX ☆34 Updated last year
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences. ☆33 Updated 11 months ago
- A Python library to parse, validate and create SPDX documents. ☆226 Updated 2 months ago
- ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored… ☆150 Updated this week
- Low-effort reachability analysis for third-party code vulnerabilities. ☆21 Updated 2 years ago
- Utility that provides an API platform for validating, querying and managing BOM data ☆120 Updated last week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool ☆245 Updated this week
- This project aims to standardize the representation and management of EOL and EOS product information across the industry. ☆29 Updated last year
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc) ☆203 Updated 5 months ago
- Feed parsing for language package manager updates ☆78 Updated 10 months ago
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information ☆23 Updated 3 years ago
- CaPyCLI - Python scripts for software license compliance automation with SW360 ☆19 Updated last month
- SBOM Search - Context aware search in SBOM repositories ☆29 Updated this week
- OpenVEX Specification ☆158 Updated 4 months ago