janbiasi / rollup-plugin-sbomLinks
Create SBOMs in CycloneDX format for your Vite or Rollup projects with ease
☆13Updated this week
Alternatives and similar repositories for rollup-plugin-sbom
Users that are interested in rollup-plugin-sbom are comparing it to the libraries listed below
Sorting:
- Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.☆95Updated last week
- creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects☆133Updated last week
- Check npm dependencies' package.json for license compatibility (aka compliance check) with the current project based on spdx notation and…☆95Updated 2 years ago
- GitHub action to generate a CycloneDX SBOM for Node.js☆22Updated last month
- Preview the semantic release notes that would result from merging a Github PR.☆41Updated last year
- Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.☆23Updated this week
- Collection of security best practices for package managers.☆162Updated 2 years ago
- Extract NPM package licenses. Enhanced and updated fork of Dav Glass' original (but abandoned) license-checker.☆172Updated 3 months ago
- The goal of this project is to provide additional features on top of the existing npm audit options☆125Updated 11 months ago
- Proof of concept that wraps semantic-release to work with monorepos.☆209Updated 4 months ago
- Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.☆26Updated last week
- Manage third-party license compliance in your webpack build☆97Updated last week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆767Updated this week
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆396Updated last week
- Orchestrate GitHub Actions Security☆295Updated 3 weeks ago
- JavaScript SDK for OpenFeature☆219Updated this week
- Code-signing for npm packages☆167Updated this week
- ESLint plugin to detect and stop Trojan Source attacks☆77Updated 2 years ago
- A semantic-release plugin for replacing text in files with the current release version.☆115Updated last year
- ESLint security plugin for Node.js☆104Updated last year
- Add changelogs to PRs and use them to determine the version of npm packages☆23Updated 2 years ago
- Official GitHub Action for OpenSSF Scorecard.☆329Updated last week
- Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.☆17Updated last week
- Enhanced semantic-release by enabling simplified and automatic package publishing in multi-package repositories☆14Updated 6 months ago
- A collection of packages for using GitHub security advisories in Node.js.☆15Updated this week
- semantic-release plugin to upload releases to sentry☆15Updated 3 weeks ago
- Enrich SBOMs with data from third party services☆189Updated this week
- A simple measure of software dependency freshness.☆109Updated this week
- 🐨 Simple and complete CLI testing utilities that encourage good testing practices.☆106Updated 7 months ago
- GitHub Action to combine multiple PRs into a single one☆134Updated 5 months ago