Alternatives and similar repositories for fossa-cli

Users that are interested in fossa-cli are comparing it to the libraries listed below

• theupdateframework / python-tuf
  Python reference implementation of The Update Framework (TUF)
  ☆1,695Updated this week
• grafeas / grafeas
  Artifact Metadata API
  ☆1,563Updated last week
• tern-tools / tern
  Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…
  ☆1,013Updated last year
• coreinfrastructure / best-practices-badge
  🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
  ☆1,316Updated this week
• slsa-framework / slsa
  Supply-chain Levels for Software Artifacts
  ☆1,803Updated this week
• licensee / licensed
  A Ruby gem to cache and verify the licenses of dependencies
  ☆1,020Updated last week
• package-url / purl-spec
  A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
  ☆963Updated last week
• src-d / gitbase
  SQL interface to git repositories, written in Go. https://docs.sourced.tech/gitbase
  ☆2,084Updated 2 years ago
• todogroup / repolinter
  Repolinter, The Open Source Repository Linter
  ☆462Updated 2 weeks ago
• ossf / allstar
  GitHub App to set and enforce security policies
  ☆1,391Updated last week
• github / balanced-employee-ip-agreement
  GitHub's employee intellectual property agreement, open sourced and reusable
  ☆2,202Updated this week
• oss-review-toolkit / ort
  A suite of tools to automate software compliance checks.
  ☆1,919Updated this week
• buildkite / agent
  The Buildkite Agent is an open-source toolkit written in Go for securely running build jobs on any device or network
  ☆920Updated this week
• sigstore / rekor
  Software Supply Chain Transparency Log
  ☆1,068Updated last week
• siderolabs / conform
  Policy enforcement for your pipelines.
  ☆503Updated this week
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆472Updated 2 weeks ago
• in-toto / in-toto
  in-toto is a framework to protect supply chain integrity.
  ☆970Updated last week
• tazjin / nixery
  Container registry which transparently builds images using the Nix package manager. Canonical repository is https://cs.tvl.fyi/depot/-/tr…
  ☆1,965Updated 3 months ago
• mahmoud / calver
  📅 The web's go-to resource for Calendar Versioning info.
  ☆553Updated last year
• cla-assistant / cla-assistant
  Contributor License Agreement assistant (CLA assistant)
  ☆1,470Updated last year
• alexellis / derek
  Reduce maintainer fatigue by automating GitHub
  ☆820Updated last week
• fishworks / gofish
  Keep your fish fresh!
  ☆812Updated 3 years ago
• notaryproject / notary
  Notary is a project that allows anyone to have trust over arbitrary collections of data
  ☆3,285Updated last year
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,593Updated 3 years ago
• cuelang / cue
  CUE has moved to https://github.com/cue-lang/cue
  ☆3,067Updated 4 years ago
• thought-machine / please
  High-performance extensible build system for reproducible multi-language builds.
  ☆2,578Updated 2 weeks ago
• buzzfeed / sso
  sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
  ☆3,119Updated 2 months ago
• GoogleContainerTools / container-structure-test
  validate the structure of your container images
  ☆2,452Updated 2 weeks ago
• thoughtworks / talisman
  Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…
  ☆2,062Updated this week
• palantir / policy-bot
  A GitHub App that enforces approval policies on pull requests
  ☆927Updated last week