Alternatives and similar repositories for go-spdx:

Users that are interested in go-spdx are comparing it to the libraries listed below

• github / proto-gen-go
  A 'go generate' script to generate Go files from .proto interfaces
  ☆23Updated 3 weeks ago
• sigstore / protobuf-specs
  Protocol Buffer specifications
  ☆27Updated this week
• anchore / binny
  Manage a directory of binaries without a package manager
  ☆27Updated last week
• package-url / packageurl-go
  Go implementation of the package url spec
  ☆58Updated 3 weeks ago
• github / go-pipe
  A package used to easily build command pipelines in your Go applications
  ☆48Updated 4 months ago
• chainguard-dev / go-apk
  native go library for installation and management of apk packages
  ☆29Updated 9 months ago
• actions / attest
  Action for generating attestations for workflow artifacts
  ☆45Updated this week
• sigstore / sigstore-go
  Go library for Sigstore signing and verification
  ☆58Updated this week
• octokit / go-sdk
  A generated Go SDK from GitHub's OpenAPI specification. Built on Kiota.
  ☆81Updated this week
• chainguard-dev / clog
  Context aware slog
  ☆22Updated 3 weeks ago
• google / s2a-go
  ☆22Updated 2 months ago
• wagoodman / go-bouncer
  Reports on the licenses used by a Go package and its dependencies.
  ☆10Updated 8 months ago
• cli / safeexec
  A safer version of exec.LookPath on Windows
  ☆92Updated last year
• github / spokes-receive-pack
  Replacement for git-receive-pack, included with gitrpcd for distribution
  ☆29Updated last week
• caniszczyk / rugpulls.dev
  ☆33Updated 11 months ago
• cue-labs / oci
  Go modules related to OCI (Open Container Initiative) registries
  ☆24Updated 2 weeks ago
• github / automatic-contrib-prs
  Automatically open a pull request for repositories that have no CONTRIBUTING.md file
  ☆35Updated 2 weeks ago
• sigstore / sigstore-go-archived
  Go library for Sigstore signing and verification
  ☆17Updated last year
• goreleaser / example-supply-chain
  Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
  ☆56Updated last month
• dekkagaijin / go-dockerfile
  Utilities for interacting with Dockerfiles
  ☆15Updated 3 years ago
• git-ecosystem / trace2receiver
  GOLANG based OTEL custom collector receiver component for Trace2 data
  ☆51Updated last week
• hashicorp / hcl-lang
  Schema and decoder to be used as building blocks for an HCL2-based language server.
  ☆89Updated 2 weeks ago
• sigstore / root-signing
  TUF repository for Sigstore trust root
  ☆95Updated this week
• slsa-framework / slsa-github-generator-go
  ☆56Updated 2 years ago
• step-security / agent
  Purpose-built security agent for hosted runners
  ☆33Updated 7 months ago
• WillAbides / octo-go
  A generated go client for GitHub's REST API
  ☆14Updated 4 years ago
• sigstore / rekor-monitor
  Log monitor for Rekor to verify immutability and monitor entries
  ☆31Updated this week
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆30Updated this week
• ldez / usetesting
  Detects when some calls can be replaced by methods from the testing package
  ☆26Updated last month
• git-ecosystem / git-bundle-server
  A web server & management CLI to host Git bundles for use with Git's "bundle URIs" feature
  ☆52Updated last year