chainguard-dev / bom-shelter
A place to systematically store software bill of materials (SBOM) documents.
☆42Updated last year
Related projects: ⓘ
- Format agnostic SBOM tooling☆63Updated this week
- Check SPDX SBOM for NTIA minimum elements☆52Updated last week
- The model for the information captured in SPDX version 3 standard.☆68Updated this week
- ☆13Updated this week
- ☆56Updated 2 months ago
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆20Updated last year
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆57Updated 5 months ago
- OpenVEX Specification☆125Updated 2 months ago
- A community collection of security reviews of open source software components.☆92Updated 6 months ago
- Sharing software supply chain security open source projects☆38Updated last year
- ☆45Updated this week
- Find & pull public SBOMs☆13Updated 3 weeks ago
- This project aims to standardize the representation and management of EOL and EOS product information across the industry.☆25Updated 6 months ago
- Utility that provides an API platform for validating, querying and managing BOM data☆88Updated last month
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated 8 months ago
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆60Updated 3 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆43Updated 3 weeks ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- PURL to CPE Relationship mapping project.☆69Updated this week
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆54Updated this week
- Feed parsing for language package manager updates☆71Updated this week
- Low-effort reachability analysis for third-party code vulnerabilities.☆19Updated last year
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆85Updated 7 months ago
- SPDX Merge tool☆39Updated last week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆69Updated this week
- ☆98Updated last month
- A BOM repository server for distributing CycloneDX BOMs☆73Updated 6 months ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated this week
- SBOM Grep - search through SBOMs☆20Updated this week
- Utility that provides an API and CLI to identify licenses and legal terms☆43Updated 3 months ago