fossas / fossa-cliLinks
Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems.
☆1,427Updated this week
Alternatives and similar repositories for fossa-cli
Users that are interested in fossa-cli are comparing it to the libraries listed below
Sorting:
- A Ruby gem to cache and verify the licenses of dependencies☆1,011Updated this week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…☆1,000Updated last year
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆875Updated this week
- Artifact Metadata API☆1,546Updated 2 weeks ago
- Python reference implementation of The Update Framework (TUF)☆1,678Updated this week
- Notary is a project that allows anyone to have trust over arbitrary collections of data☆3,285Updated last year
- 🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)☆1,281Updated this week
- SQL interface to git repositories, written in Go. https://docs.sourced.tech/gitbase☆2,079Updated last year
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆425Updated this week
- Supply-chain Levels for Software Artifacts☆1,724Updated last week
- The Buildkite Agent is an open-source toolkit written in Go for securely running build jobs on any device or network☆872Updated this week
- The Open Source Discovery Service☆1,129Updated 3 weeks ago
- GitHub App to set and enforce security policies☆1,358Updated last week
- A suite of tools to automate software compliance checks.☆1,817Updated this week
- Pull Requests for GitHub repository settings☆997Updated last week
- 🤖 All the missing GitHub automation 🙂 🙌☆710Updated last year
- ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party package…☆2,368Updated last week
- Curated list of awesome tools for managing open source programs☆479Updated 4 months ago
- 👁 A merge bot for GitHub Pull Requests☆1,528Updated last year
- Repolinter, The Open Source Repository Linter☆456Updated last week
- A fast partial replacement for the codemod tool☆1,774Updated 3 months ago
- GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests☆323Updated last week
- High-performance extensible build system for reproducible multi-language builds.☆2,542Updated last week
- Policy enforcement for your pipelines.☆479Updated this week
- Compute various size metrics for a Git repository, flagging those that might cause problems☆3,861Updated 2 weeks ago
- A service that analyzes docker images and scans for vulnerabilities☆1,589Updated 2 years ago
- A GitHub App that enforces approval policies on pull requests☆888Updated last week
- Linter/analyzer for Makefiles☆1,127Updated last week
- sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services☆3,114Updated 2 months ago
- CUE has moved to https://github.com/cue-lang/cue☆3,074Updated 4 years ago