google / deps.dev
Resources for the deps.dev API
☆241, updated last month
Related projects:
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆359, updated 2 weeks ago
- Open Source Vulnerability schema. ☆176, updated this week
- Language-agnostic SLSA provenance generation for GitHub Actions ☆413, updated last week
- Verify provenance from SLSA compliant builders ☆223, updated 2 weeks ago
- Generate SBOMs with gh CLI ☆164, updated 9 months ago
- Official GitHub Action for OpenSSF Scorecard. ☆251, updated this week
- Generate a score for your SBOM to understand if it will actually be useful. ☆219, updated last month
- in-toto Attestation Framework ☆231, updated this week
- OpenVEX Specification ☆125, updated 2 months ago
- Enrich SBOMs with data from third party services ☆108, updated 3 weeks ago
- SBOM quality score - Quality metrics for your SBOMs ☆161, updated this week
- Format agnostic SBOM tooling ☆63, updated this week
- GitHub Action for creating software bill of materials using Syft. ☆162, updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆69, updated this week
- Check SPDX SBOM for NTIA minimum elements ☆52, updated 2 weeks ago
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via GitHub Issues ☆164, updated 2 weeks ago
- The SPDX specification in Markdown and HTML formats. ☆287, updated last week
- OpenSSF Working Group on Securing Software Repositories ☆86, updated 2 months ago
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆454, updated 3 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆229, updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆675, updated last month
- Collection of Go packages to work with SPDX files ☆120, updated last month
- GitHub token permissions Monitor and Advisor actions ☆252, updated 2 months ago
- Go library to consume and produce CycloneDX Software Bill of Materials (SBOM) ☆72, updated last week
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions. ☆297, updated this week
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the … ☆175, updated 7 months ago
- ☆56, updated 2 months ago
- A BOM repository server for distributing CycloneDX BOMs ☆73, updated 6 months ago
- A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles ☆466, updated last week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD … ☆131, updated this week