pixee / codemodder-specsLinks
☆14Updated 10 months ago
Alternatives and similar repositories for codemodder-specs
Users that are interested in codemodder-specs are comparing it to the libraries listed below
Sorting:
- A GitHub Action that allows Pixee to fix issues found by other code scanners☆15Updated last year
- Security toolkit for the Python community☆15Updated 11 months ago
- A set of security APIs meant to help secure Java code☆23Updated 2 weeks ago
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆186Updated this week
- ☆122Updated 9 months ago
- a framework for building java codemods☆40Updated last week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆472Updated 2 weeks ago
- PURL to CPE Relationship mapping project.☆110Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆963Updated last week
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆103Updated last week
- A compilation of resources in the software supply chain security domain, with emphasis on open source☆342Updated 2 years ago
- Enrich SBOMs with data from third party services☆214Updated last week
- Generate a score for your sbom to understand if it will actually be useful.☆237Updated last year
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆195Updated 3 weeks ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆86Updated 2 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆42Updated this week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆265Updated last week
- Functionality and DataModels of OWASP CycloneDX for Python☆102Updated last week
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆95Updated last week
- User-friendly documentation for the SARIF file format.☆337Updated 2 years ago
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆381Updated last week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆72Updated 6 months ago
- Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects☆217Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆449Updated this week
- sbomasm: The Complete SBOM Management Toolkit☆101Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆110Updated 2 weeks ago
- Feed parsing for language package manager updates☆81Updated last year
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆79Updated 2 weeks ago
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆79Updated this week
- GitHub Action for submitting Maven dependencies☆57Updated 4 months ago