fossas / fossa-cli
Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems.
☆1,415 Updated last week
Alternatives and similar repositories for fossa-cli
Users who are interested in fossa-cli are comparing it to the libraries listed below.
- Python reference implementation of The Update Framework (TUF) ☆1,677 Updated last week
- SQL interface to git repositories, written in Go. https://docs.sourced.tech/gitbase ☆2,078 Updated last year
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆998 Updated last year
- Find licenses for your project's dependencies. ☆1,772 Updated last year
- Artifact Metadata API ☆1,545 Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆862 Updated this week
- The Buildkite Agent is an open-source toolkit written in Go for securely running build jobs on any device or network ☆866 Updated last week
- A Ruby gem to cache and verify the licenses of dependencies ☆1,012 Updated this week
- Notary is a project that allows anyone to have trust over arbitrary collections of data ☆3,281 Updated last year
- Reduce maintainer fatigue by automating GitHub ☆817 Updated last month
- 📅 The web's go-to resource for Calendar Versioning info. ☆536 Updated last year
- An opinionated Dockerfile linter. ☆1,015 Updated last year
- The Open Source Discovery Service ☆1,129 Updated this week
- A fast partial replacement for the codemod tool ☆1,771 Updated 2 months ago
- CUE has moved to https://github.com/cue-lang/cue ☆3,075 Updated 4 years ago
- Supply-chain Levels for Software Artifacts ☆1,712 Updated this week
- Contributor License Agreement assistant (CLA assistant) ☆1,428 Updated last year
- High-performance extensible build system for reproducible multi-language builds. ☆2,535 Updated last week
- Cloud Native Application Bundle Specification ☆968 Updated 2 years ago
- A service that analyzes docker images and scans for vulnerabilities ☆1,586 Updated 2 years ago
- 🏆 Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge) ☆1,279 Updated this week
- Policy enforcement for your pipelines. ☆477 Updated last week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆418 Updated this week
- Snyk CLI scans and monitors your projects for security vulnerabilities. ☆5,222 Updated this week
- Software Supply Chain Transparency Log ☆995 Updated this week
- 📮 Untangle your GitHub Notifications ☆4,415 Updated this week
- Gives criticality score for an open source project ☆1,391 Updated 4 months ago
- Kubernetes application deployments for restricted, regulated, or remote environments ☆1,081 Updated 2 years ago
- Fast website link checker in Go ☆2,570 Updated this week
- 🤖 All the missing GitHub automation 🙂 🙌 ☆707 Updated last year