Enrich SBOMs with data from third party services
☆220Feb 11, 2026Updated 3 weeks ago
Alternatives and similar repositories for parlay
Users that are interested in parlay are comparing it to the libraries listed below
Sorting:
- Generate a score for your sbom to understand if it will actually be useful.☆238Aug 13, 2024Updated last year
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆269Updated this week
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- sbomasm: The Complete SBOM Management Toolkit☆105Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data☆127Jan 2, 2026Updated 2 months ago
- A tool to create, transform and attest VEX metadata☆176Updated this week
- A universal SBOM representation in protocol buffers☆319Updated this week
- Report on quality of SBOM contents☆25Dec 18, 2024Updated last year
- SBOM Move - Automate build and transfer of SBOMs across systems☆25Updated this week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆187Updated this week
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆33Feb 2, 2026Updated last month
- GitHub app for SBOM creation using cdxgen and upload to Dependency-Track☆22Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆603Feb 10, 2026Updated 3 weeks ago
- ☆11Dec 19, 2024Updated last year
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆529Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,450Updated this week
- SBOM Search - Context aware search in SBOM repositories☆29Nov 24, 2025Updated 3 months ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆110Updated this week
- SPDX Merge tool☆50Apr 22, 2025Updated 10 months ago
- ☆14Nov 13, 2023Updated 2 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆517Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆908Updated this week
- OtterDog is a tool to manage GitHub organizations at scale using a configuration as code approach. It is actively used by the Eclipse Fou…☆46Updated this week
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆221Updated this week
- OpenVEX Specification☆168Jan 16, 2026Updated last month
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆81Feb 25, 2026Updated last week
- Open Source License Compliance Checklists☆11Oct 18, 2024Updated last year
- A standard API specification for exchanging supply chain artifacts and intelligence☆100Feb 20, 2026Updated last week
- ☆102Sep 27, 2024Updated last year
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆462Updated this week
- Visualizer for GUAC☆30Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Feb 23, 2026Updated last week
- Software Supply Chain Security Platform☆375Updated this week
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs☆431Feb 1, 2026Updated last month
- Deploy Multiple GKE Clusters behind a Google Cloud Global Load Balancer with Pulumi☆15Aug 10, 2023Updated 2 years ago
- Run multiple-node, decentralized k3s clusters on Github action runners for test and development!☆11Nov 20, 2021Updated 4 years ago
- A utility to generate SPDX-compliant Bill of Materials manifests☆443Updated this week
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences.☆42Updated this week
- Software Component Verification Standard (SCVS)☆156Apr 1, 2025Updated 11 months ago