hyperledger-labs / SParts
The Software Parts (SParts) lab delivers a Sawtooth-based ledger that provides both accountability and access to the open source components used in the construction of a software part. A software part is any software component (e.g., library, application, container or an entire operating system runtime) that is comprised of between 0% and 100% o…
☆12Updated 4 years ago
Alternatives and similar repositories for SParts:
Users that are interested in SParts are comparing it to the libraries listed below
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆57Updated 10 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆193Updated 2 months ago
- Check SPDX SBOM for NTIA minimum elements☆59Updated 2 weeks ago
- Software Component Verification Standard (SCVS)☆140Updated 10 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆71Updated last week
- OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con…☆23Updated 2 years ago
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆86Updated last week
- Main repository for the official Dependency-Track Jenkins plugin☆47Updated last week
- A Java library for parsing and programmatically using threat models☆79Updated 2 years ago
- A Java library to support processing OSCAL content☆31Updated 7 months ago
- A taxonomy of all official CycloneDX property namespaces and names☆14Updated 2 months ago
- Implementation of the OSCAL REST API☆19Updated 11 months ago
- Posture Attribute Collection and Evaluation☆24Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆158Updated this week
- Examples of SPDX files for software combinations☆127Updated 3 weeks ago
- Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format☆19Updated 3 weeks ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆19Updated last month
- Scripts to import OSCAL example content into the Neo4J graph database☆27Updated 2 years ago
- PURL to CPE Relationship mapping project.☆82Updated this week
- Find & pull public SBOMs☆16Updated 5 months ago
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆66Updated this week
- A BOM repository server for distributing CycloneDX BOMs☆75Updated 11 months ago
- Lockheed Martin developed utility to compare two CycloneDX SBOMs☆18Updated 3 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆102Updated 3 months ago
- This project aims to standardize the representation and management of EOL and EOS product information across the industry.☆26Updated 11 months ago
- Repository for on-going work as part of the AIBOM Tiger Team effort.☆18Updated 5 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated last year
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆48Updated last month
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆49Updated last week