fossas / fossa-cli
Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems.
★1,448 · Updated 2 weeks ago
Alternatives and similar repositories for fossa-cli
Users that are interested in fossa-cli are comparing it to the libraries listed below
- Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge) ★1,303 · Updated this week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ★1,009 · Updated last year
- Python reference implementation of The Update Framework (TUF) ★1,690 · Updated last week
- SQL interface to git repositories, written in Go. https://docs.sourced.tech/gitbase ★2,082 · Updated 2 years ago
- Contributor License Agreement assistant (CLA assistant) ★1,458 · Updated last year
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ★926 · Updated this week
- ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party package… ★2,431 · Updated this week
- Artifact Metadata API ★1,558 · Updated last week
- A GitHub App built with Probot that closes abandoned Issues and Pull Requests after a period of inactivity. ★1,266 · Updated 2 years ago
- Repolinter, The Open Source Repository Linter ★461 · Updated last month
- Notary is a project that allows anyone to have trust over arbitrary collections of data ★3,282 · Updated last year
- The Open Source Discovery Service ★1,139 · Updated last month
- GitHub's employee intellectual property agreement, open sourced and reusable ★2,190 · Updated 6 months ago
- A suite of tools to automate software compliance checks. ★1,878 · Updated last week
- GitHub App to set and enforce security policies ★1,379 · Updated last week
- Pull Requests for GitHub repository settings ★1,007 · Updated this week
- All the missing GitHub automation ★712 · Updated last year
- A transparent, highly scalable and cryptographically verifiable data store. ★3,676 · Updated last week
- Reduce maintainer fatigue by automating GitHub ★816 · Updated last week
- Compute various size metrics for a Git repository, flagging those that might cause problems ★3,930 · Updated 2 weeks ago
- An opinionated Dockerfile linter. ★1,025 · Updated 2 years ago
- The Buildkite Agent is an open-source toolkit written in Go for securely running build jobs on any device or network ★903 · Updated this week
- A fast partial replacement for the codemod tool. Assists with large-scale codebase refactors via regex-based find and replace with human … ★1,854 · Updated 6 months ago
- Policy enforcement for your pipelines. ★494 · Updated this week
- A GitHub App that enforces approval policies on pull requests ★915 · Updated this week
- A merge bot for GitHub Pull Requests ★1,526 · Updated last year
- Scalar: A set of tools and extensions for Git to allow very large monorepos to run on Git without a virtualization layer ★1,479 · Updated 9 months ago
- Software Supply Chain Transparency Log ★1,042 · Updated this week
- GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests ★330 · Updated 2 weeks ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ★454 · Updated this week