janbiasi / rollup-plugin-sbomLinks
Create SBOMs in CycloneDX format for your Vite or Rollup projects with ease
☆13Updated 3 weeks ago
Alternatives and similar repositories for rollup-plugin-sbom
Users that are interested in rollup-plugin-sbom are comparing it to the libraries listed below
Sorting:
- creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects☆130Updated last month
- Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.☆93Updated last week
- GitHub action to generate a CycloneDX SBOM for Node.js☆22Updated last week
- Preview the semantic release notes that would result from merging a Github PR.☆41Updated last year
- Extract NPM package licenses. Enhanced and updated fork of Dav Glass' original (but abandoned) license-checker.☆167Updated last month
- Check npm dependencies' package.json for license compatibility (aka compliance check) with the current project based on spdx notation and…☆95Updated 2 years ago
- Enhanced semantic-release by enabling simplified and automatic package publishing in multi-package repositories☆12Updated 4 months ago
- Official GitHub Action for OpenSSF Scorecard.☆316Updated last week
- 📦🔖 A GitHub Action for publishing JavaScript Actions☆98Updated 4 months ago
- GitHub Actions toolkit to monitor a repository and run testcases☆136Updated 2 years ago
- The goal of this project is to provide additional features on top of the existing npm audit options☆124Updated 10 months ago
- This is the GitHub repo of the OpenChain SBOM Study Group☆10Updated this week
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆382Updated this week
- JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…☆28Updated last year
- A collection of packages for using GitHub security advisories in Node.js.☆16Updated this week
- Code-signing for npm packages☆165Updated this week
- GitHub Action to combine multiple PRs into a single one☆130Updated 4 months ago
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆238Updated 2 months ago
- Manage third-party license compliance in your webpack build☆93Updated this week
- Collection of security best practices for package managers.☆162Updated 2 years ago
- GitHub Action wrapper for Spectral - a JSON/YAML/OpenAPI/AsyncAPI/etc linter with custom rule support.☆98Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆738Updated this week
- semantic-release plugin to back-merge a release into a develop branch☆62Updated 10 months ago
- Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.☆16Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆35Updated 2 months ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆404Updated last week
- Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found a…☆271Updated 2 months ago
- semantic-release-plus monorepo to build and publish all semantic-release related repositories☆74Updated last year
- Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.☆26Updated this week
- Public website cyclonedx.org☆12Updated 6 months ago