jenkinsci / dependency-track-plugin

Related projects: ⓘ

• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆80Updated this week
• pmckeown / dependency-track-maven-plugin
  Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable …
  ☆61Updated 8 months ago
• DependencyTrack / frontend
  Frontend UI for Dependency-Track
  ☆100Updated last week
• CycloneDX / cyclonedx-bom-repo-server
  A BOM repository server for distributing CycloneDX BOMs
  ☆73Updated 6 months ago
• DependencyTrack / hyades
  Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.
  ☆59Updated this week
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆133Updated 5 months ago
• stevespringett / Alpine
  An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies
  ☆61Updated this week
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆297Updated this week
• CycloneDX / cyclonedx-maven-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
  ☆287Updated last week
• jeremylong / Open-Vulnerability-Project
  Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnera…
  ☆110Updated 3 weeks ago
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆48Updated this week
• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆121Updated 2 months ago
• blackducksoftware / synopsys-detect
  Scanning and analysis for Synopsys products.
  ☆156Updated this week
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆42Updated 3 weeks ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆168Updated 3 months ago
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆359Updated 2 weeks ago
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆38Updated last year
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆206Updated last year
• ozontech / dtrack-audit
  OWASP Dependency Track API client for intergration into CI/CD pipeline
  ☆51Updated last month
• Skyscanner / sonar-secrets
  SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..
  ☆99Updated 9 months ago
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆57Updated 5 months ago
• interlynk-io / sbomqs
  SBOM quality score - Quality metrics for your sboms
  ☆161Updated this week
• blackducksoftware / hub-rest-api-python
  HUB REST API Python bindings
  ☆89Updated last month
• eclipse / jbom
  ☆110Updated 3 months ago
• madpah / vexy
  Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
  ☆19Updated last year
• thinksabin / DTrackAuditor
  DTrackAuditor is the python script to faciliate usage of DependencyTrack in the CI.
  ☆10Updated this week
• soprasteria / sonar-report
  Generates an html report from SonarQube
  ☆86Updated last month
• spdx / spdx-to-osv
  Produce an Open Source Vulnerability JSON file based on information in an SPDX document
  ☆60Updated 3 months ago
• spdx / cdx2spdx
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆29Updated 8 months ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆69Updated this week