Generate SBOMs with gh CLI
☆207May 30, 2025Updated last year
Alternatives and similar repositories for gh-sbom
Users that are interested in gh-sbom are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- SBOM Search - Context aware search in SBOM repositories☆32Nov 24, 2025Updated 7 months ago
- Generate a score for your sbom to understand if it will actually be useful.☆240Aug 13, 2024Updated last year
- SBOM Explorer - Discover and pull public SBOMs☆21May 23, 2025Updated last year
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆295Updated this week
- Action to detect if a secret is initially detected in a pull request☆22Jun 22, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A taxonomy of all official CycloneDX property namespaces and names☆23Jun 27, 2026Updated last week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆116Feb 28, 2026Updated 4 months ago
- This GitHub Action runs the microsoft/component-detection library to automate dependency extraction at build time.☆22Jun 23, 2026Updated last week
- sbomasm: The Complete SBOM Management Toolkit☆120Updated this week
- OpenVEX Specification☆185Jan 16, 2026Updated 5 months ago
- Action to detect if a secret is initially detected in a PR commit☆11Jun 19, 2023Updated 3 years ago
- SBOM Move - Automate build and transfer of SBOMs across systems☆27May 4, 2026Updated 2 months ago
- GitHub Action to generate a csv file listing the dependencies detected in a repository☆11Apr 4, 2024Updated 2 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆143Updated this week
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Library to ingest and generate VEX documents☆20Mar 9, 2026Updated 3 months ago
- ☆17Feb 7, 2025Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆51Jun 1, 2023Updated 3 years ago
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.☆2,039Jun 18, 2026Updated 2 weeks ago
- GitHub Advanced Security Python Toolkit☆14Jun 22, 2026Updated last week
- Support CI generation of SBOMs via golang tooling.☆427Jan 13, 2025Updated last year
- Utility that provides an API and CLI to identify licenses and legal terms☆54Jul 11, 2025Updated 11 months ago
- ☆86Dec 10, 2025Updated 6 months ago
- GitHub Action for filtering Code Scanning alerts by path and id☆36Apr 2, 2026Updated 3 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆24Jan 19, 2025Updated last year
- A tool to create, transform and attest VEX metadata☆200Updated this week
- The model for the information captured in SPDX version 3 standard.☆102Jun 24, 2026Updated last week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆619Feb 10, 2026Updated 4 months ago
- Format agnostic SBOM tooling☆140Nov 20, 2025Updated 7 months ago
- A BOM repository server for distributing CycloneDX BOMs☆89Jul 1, 2025Updated last year
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆68Apr 8, 2024Updated 2 years ago
- Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface☆22Jun 20, 2026Updated 2 weeks ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆229Oct 21, 2025Updated 8 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Vuln Disclosure WG's new SIG☆11Jan 2, 2024Updated 2 years ago
- PURL to CPE Relationship mapping project.☆118Updated this week
- Get and convert job summaries to Md, PDF, and HTML☆10Nov 20, 2025Updated 7 months ago
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆1,058Jun 25, 2026Updated last week
- Software Component Verification Standard (SCVS)☆160Apr 1, 2025Updated last year
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,513Updated this week
- Optimize the utilization of GHAS licenses in an enterprise (or organization)☆15Feb 12, 2026Updated 4 months ago