intuit / innersource-scanner
A java api and command line tool for scanning, reporting and fixing a git repository's InnerSource Readiness based on a supplied specification which defines the files and file contents necessary for a repository to be considered ready for InnerSource contribution.
☆20Updated last year
Related projects ⓘ
Alternatives and complementary repositories for innersource-scanner
- Awesome InnerSource Content☆32Updated 5 months ago
- Generates SPDX bill-of-material files from a package input and license scan☆12Updated 6 months ago
- Materials for the ISPO working group☆22Updated 2 months ago
- OSPO Landscape☆33Updated this week
- This repo is for tracking activities that we work on during TODO Group Work Days☆15Updated last year
- opengovernance.dev☆37Updated 5 years ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated 2 weeks ago
- Documentation and guidance for handling outbound open source for organizations☆19Updated 2 years ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆32Updated last year
- The FINOS InnerSource SIG is a community of people implementing, or interested in implementing, InnerSource within their financial servic…☆27Updated 7 months ago
- GitHub Action to get a license overview in SPDX format☆14Updated 2 years ago
- Automating Compliance Tooling Project☆20Updated 2 years ago
- GitHub action to produce a SBOM report from a given Black Duck project☆12Updated 11 months ago
- CHAOSS Value Working Group☆39Updated this week
- A CLI tool for creating secure by design/default source repos.☆24Updated 3 months ago
- Accelerate financial services firms’ journeys toward open source readiness, by advancing the readiness of participants’ firms and informi…☆35Updated 2 months ago
- OpenSSF Endusers Working Group☆28Updated 7 months ago
- Github Action implementation of SLSA Provenance Generation☆47Updated this week
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…☆34Updated 3 months ago
- A desktop workbench for OSS Review Toolkit result files.☆25Updated this week
- A collection of guidelines and resources from Citi's Open Source Program Office☆47Updated 6 months ago
- 📖 OSPOlogy - The Study of OSPOs☆192Updated this week
- Lists all InnerSource projects of a company in an interactive and easy to use way. Can be used as a template for implementing the "InnerS…☆143Updated last month
- This document outlines the processes we use to manage our FOSS Contributor Fund initiative at Indeed.☆71Updated last year
- QMSTR compliance tool☆31Updated 2 years ago
- Submit SBOMs to GitHub's dependency submission API☆12Updated last year
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆30Updated 10 months ago
- A light-weight app to audit and inventory large codebases for open source license compliance.☆60Updated this week
- The service side of clearlydefined.io☆45Updated this week
- SPDX Merge tool☆39Updated 2 months ago