Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors.
☆88Mar 11, 2026Updated last week
Alternatives and similar repositories for packageurl-python
Users that are interested in packageurl-python are comparing it to the libraries listed below
Sorting:
- Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Sup…☆61Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆992Mar 11, 2026Updated last week
- JavaScript implementation of the package url spec☆28Jan 28, 2026Updated last month
- Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions…☆43Feb 25, 2026Updated 3 weeks ago
- A library to reliably fetch code via HTTP, FTP and version control systems. This project is sponsored by NLnet project https://nlnet.nl/p…☆12Nov 28, 2025Updated 3 months ago
- A mostly universal file extraction library and CLI tool to extract almost any archive in a reasonably safe way on Linux, macOS and Window…☆38Oct 31, 2025Updated 4 months ago
- A Python library to parse, validate and create SPDX documents.☆240Mar 13, 2026Updated last week
- Functionality and DataModels of OWASP CycloneDX for Python☆103Mar 13, 2026Updated last week
- Linux agent used to submit realtime SBOMs and dependency usage information to EdgeBit☆15Jan 24, 2025Updated last year
- ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Co…☆184Updated this week
- Common weakness enumeration library for Python (maintained fork of https://github.com/Julian-Nash/cwe )☆15Aug 29, 2024Updated last year
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…☆649Updated this week
- a mostly correct pip requirements parsing library☆20Sep 2, 2024Updated last year
- Run ScanCode.io pipelines from your Workflows☆12Mar 4, 2026Updated 2 weeks ago
- A pure python rpm reader☆20Apr 11, 2024Updated last year
- Python implementation of Stakeholder-Specific Vulnerability Categorization (SSVC)☆23Jan 21, 2026Updated last month
- Java/JVM implementation of the package url spec☆44Nov 21, 2025Updated 3 months ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆73Updated this week
- Trace software components, packages and files between Development/Source and Deployment/Distribution/Binaries codebases - strace build an…☆25Aug 29, 2024Updated last year
- MVP for updated PEP 543 proposal☆14Feb 13, 2026Updated last month
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆82Updated this week
- A Yocto meta-layer for generating CycloneDX SBOMs☆23Mar 13, 2026Updated last week
- FOSSLight Dependency Scanner☆36Mar 13, 2026Updated last week
- Go implementation of the package url spec☆72Mar 7, 2026Updated last week
- A function invocation framework for Python☆11Feb 21, 2024Updated 2 years ago
- ☆11Dec 15, 2023Updated 2 years ago
- ☆16Mar 13, 2026Updated last week
- This is a mapping of CPEs to package urls created by using VulnerableCode's data☆10Aug 14, 2020Updated 5 years ago
- Tool for creating, modifying and validating CycloneDX SBOMs.☆28Updated this week
- NVD API 2.0 client for CVE information☆13May 15, 2025Updated 10 months ago
- A free and open database of all the licenses, in particular all the open source software licenses☆61Feb 24, 2026Updated 3 weeks ago
- A CVRF CSAF Converter, taking care about OASIS specification.☆10Jun 4, 2025Updated 9 months ago
- AboutCode Toolkit provides a simple way to document provenance metadata (origin and license) about third-party code that you use in your…☆99Mar 2, 2026Updated 2 weeks ago
- CPE: Common Platform Enumeration for Python☆96Sep 23, 2025Updated 5 months ago
- Examples of SPDX files for software combinations☆143Nov 15, 2025Updated 4 months ago
- OWASP Embedded Application Security Project☆18Jan 17, 2022Updated 4 years ago
- A changelog finder and parser for packages available on pypi, npm and rubygems.☆70Apr 10, 2025Updated 11 months ago
- A python library to parse Debian deb822-style control and copyright files and all related Debian, Ubuntu and Debian-derivative manifest a…☆16Oct 2, 2025Updated 5 months ago
- The Keep It Simple Software Bill of Material☆11Jan 31, 2022Updated 4 years ago