sonatype-nexus-community / cheque
Audit C/C++ projects (make, cmake, command line, etc.)
☆23Updated 2 years ago
Related projects: ⓘ
- ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.☆66Updated 5 months ago
- Service to scan licenses from source code☆12Updated last year
- Utility that provides an API and CLI to identify licenses and legal terms☆43Updated 3 months ago
- Static code analysis of refpolicy style SELinux policy☆37Updated 3 weeks ago
- SCANOSS Open Source Inventory Engine☆36Updated last week
- Report missing advisories and corrections on OSS Index☆17Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆42Updated last year
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆46Updated last week
- Low-effort reachability analysis for third-party code vulnerabilities.☆19Updated last year
- ☆13Updated this week
- A Yocto meta-layer for generating CycloneDX SBOMs and automatically uploading them to Dependency Track.☆18Updated 3 months ago
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆39Updated 4 months ago
- A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).☆12Updated last year
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆60Updated 3 months ago
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆22Updated 2 years ago
- Check SPDX SBOM for NTIA minimum elements☆52Updated last week
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated 8 months ago
- Utility that provides an API platform for validating, querying and managing BOM data☆88Updated last month
- A community collection of security reviews of open source software components.☆92Updated 6 months ago
- A web based tool for working with CycloneDX BOMs☆29Updated last month
- A specification including, problem statement, use cases, requirements, and architectural constituents for a Transparency Service in suppo…☆14Updated last year
- SBOM Grep - search through SBOMs☆20Updated this week
- Sharing software supply chain security open source projects☆38Updated last year
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆11Updated last week
- CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.☆17Updated 3 years ago
- PURL to CPE Relationship mapping project.☆69Updated this week
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆57Updated 5 months ago
- Format agnostic SBOM tooling☆63Updated this week
- ☆98Updated last month
- Python classes for the SARIF object model☆39Updated 5 months ago