philips-software / license-scanner
Service to scan licenses from source code
☆12Updated last year
Related projects: ⓘ
- Low-effort reachability analysis for third-party code vulnerabilities.☆19Updated last year
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆22Updated 2 years ago
- A place to systematically store software bill of materials (SBOM) documents.☆42Updated last year
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated this week
- OSS License Open Data☆12Updated 5 years ago
- A library for parsing security advisories☆13Updated 2 weeks ago
- Automate open source license compliance and ensure software supply chain integrity☆21Updated 2 weeks ago
- Automating Compliance Tooling Project☆20Updated 2 years ago
- The Keep It Simple Software Bill of Material☆11Updated 2 years ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆19Updated 11 months ago
- OSADL license compatibility matrix as a CSV☆13Updated last week
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…☆34Updated last month
- SBOM Grep - search through SBOMs☆20Updated this week
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆54Updated this week
- GitHub Action to get a license overview in SPDX format☆14Updated 2 years ago
- ☆13Updated this week
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆46Updated last week
- Publications done by Double Open.☆16Updated 4 years ago
- Audit C/C++ projects (make, cmake, command line, etc.)☆23Updated 2 years ago
- Report missing advisories and corrections on OSS Index☆17Updated last year
- Given a buildinfo file from a Debian package, generate instructions for attempting to reproduce the binary packages built from the associ…☆16Updated last year
- CVE database☆22Updated 4 years ago
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆11Updated last week
- The model for the information captured in SPDX version 3 standard.☆68Updated last week
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated 8 months ago
- Feed parsing for language package manager updates☆71Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆69Updated this week
- Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs…☆30Updated last month
- A CVRF CSAF Converter, taking care about OASIS specification.☆10Updated last year
- The International FOSS Law Book, v.2 and onwards☆13Updated 2 years ago