Alternatives and similar repositories for build-recorder

Users that are interested in build-recorder are comparing it to the libraries listed below

• act-project / TAC
  Automating Compliance Tooling Project
  ☆22Updated 3 years ago
• vinland-technology / flict
  free and open source software license compatibility tool.
  ☆50Updated 8 months ago
• anchore / stereoscope
  go library for processing container images and simulating a squash filesystem
  ☆101Updated this week
• AevaOnline / supply-chain-synthesis
  Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
  ☆33Updated 2 years ago
• package-url / packageurl-go
  Go implementation of the package url spec
  ☆67Updated 3 weeks ago
• bmwiedemann / theunreproduciblepackage
  The Unreproducible Package
  ☆68Updated 10 months ago
• vmware-archive / rules_oss_audit
  The complexities of identifying and tracking open-source software (OSS) to comply with license requirements adds friction to the developm…
  ☆30Updated 2 years ago
• transparency-dev / tessera
  Go library for building tile-based transparency logs (tlogs)
  ☆135Updated this week
• go-enry / go-license-detector
  Reliable project licenses detector.
  ☆139Updated 4 months ago
• openSUSE / cavil
  The legal review and SBOM system used by SUSE and openSUSE
  ☆61Updated last week
• EmilyShepherd / kiOS
  Slim Operating System for running Kubernetes with minimal overhead
  ☆19Updated last week
• caniszczyk / rugpulls.dev
  ☆36Updated last year
• landlock-lsm / go-landlock
  A Go library for the Linux Landlock sandboxing feature
  ☆261Updated last week
• in-toto / in-toto-golang
  A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
  ☆142Updated last week
• openvex / spec
  OpenVEX Specification
  ☆164Updated 6 months ago
• anthonyharrison / sbomaudit
  Report on quality of SBOM contents
  ☆24Updated last year
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆111Updated 3 weeks ago
• doubleopen-project / doubleopen-publications
  Publications done by Double Open.
  ☆16Updated 5 years ago
• spdx / tools-golang
  Collection of Go packages to work with SPDX files
  ☆154Updated 3 weeks ago
• spdx / spdx-spec
  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
  ☆350Updated this week
• spdx / cdx2spdx
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆33Updated last year
• stb-tester / apt2ostree
  Build ostree images based on Debian/Ubuntu
  ☆117Updated 6 months ago
• aboutcode-org / container-inspector
  container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…
  ☆37Updated 9 months ago
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆48Updated 8 months ago
• reproducible-containers / repro-get
  [Soft-deprecated] Reproducible apt/dnf/apk/pacman, with content-addressing
  ☆111Updated 2 years ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆106Updated this week
• jvoisin / compiler-flags-distro
  Usage of enabled-by-default hardening-related compiler flags across Linux distributions
  ☆60Updated 10 months ago
• Open-Source-Compliance / package-analysis
  This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant …
  ☆53Updated this week
• in-toto / go-witness
  Go implementation of witness
  ☆42Updated this week
• fsfe / reuse-docs
  REUSE recommendations, tutorials, FAQ and specification
  ☆18Updated last year