SPDX Merge tool
☆51Mar 2, 2026Updated 2 weeks ago
Alternatives and similar repositories for SPDXMerge
Users that are interested in SPDXMerge are comparing it to the libraries listed below
Sorting:
- GitHub action to produce a SBOM report from a given Black Duck project☆12Feb 5, 2026Updated last month
- The model for the information captured in SPDX version 3 standard.☆99Updated this week
- License Identifier☆14Mar 25, 2021Updated 4 years ago
- ☆20Feb 5, 2026Updated last month
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 2 years ago
- Security advisory data for Wolfi☆19Jan 7, 2026Updated 2 months ago
- Automating Compliance Tooling Project☆22Jan 28, 2022Updated 4 years ago
- List of SBOM Generation Tools☆30Mar 7, 2025Updated last year
- A tool to create, transform and attest VEX metadata☆178Updated this week
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆19Feb 27, 2026Updated 3 weeks ago
- A taxonomy of all official CycloneDX property namespaces and names☆21Mar 2, 2026Updated 2 weeks ago
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Jan 4, 2026Updated 2 months ago
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆25Feb 4, 2022Updated 4 years ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11Mar 5, 2026Updated 2 weeks ago
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- Generate SBOMs with gh CLI☆199May 30, 2025Updated 9 months ago
- ☆76Dec 10, 2025Updated 3 months ago
- OSS License Open Data☆12Jun 28, 2019Updated 6 years ago
- OSS License Simple Viewer is a simple Excel-based tool as OSS license reference for engineers.☆14Nov 20, 2020Updated 5 years ago
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆33Oct 24, 2022Updated 3 years ago
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆42May 11, 2023Updated 2 years ago
- Format agnostic SBOM tooling☆133Nov 20, 2025Updated 4 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆33Jan 19, 2024Updated 2 years ago
- This repository stores meetings minutes for the SPDX project☆40Mar 10, 2026Updated last week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆271Updated this week
- Create SPDX documents automatically with CMake build info☆32May 2, 2021Updated 4 years ago
- Example CLI project to demo API architecture and protobom library☆26Mar 4, 2026Updated 2 weeks ago
- Github Action implementation of SLSA Provenance Generation☆50Mar 9, 2026Updated last week
- Integrity Shield is a tool for built-in preventive integrity control for regulated cloud workloads. It provides signature-based assurance…☆17Sep 22, 2022Updated 3 years ago
- create issues from a syndication feed (RSS or Atom).☆15Mar 10, 2026Updated last week
- ☆19Mar 7, 2026Updated last week
- Helm Chart for deploying GUAC☆18Mar 9, 2026Updated last week
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆67Apr 8, 2024Updated last year
- Automatically create a glossary in typst.☆22Jul 25, 2024Updated last year
- Enrich SBOMs with data from third party services☆220Feb 11, 2026Updated last month
- Load the information for the runners that are available☆16Updated this week
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆33Feb 2, 2026Updated last month
- Publications done by Double Open.☆16Jun 5, 2020Updated 5 years ago