sonatype-nexus-community / chequeLinks
Audit C/C++ projects (make, cmake, command line, etc.)
☆27Updated 3 years ago
Alternatives and similar repositories for cheque
Users that are interested in cheque are comparing it to the libraries listed below
Sorting:
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- Service to scan licenses from source code☆12Updated 2 years ago
- Examples of SPDX files for software combinations☆135Updated 3 months ago
- A place to systematically store software bill of materials (SBOM) documents.☆46Updated 2 years ago
- Library to ingest and generate SBOMs☆30Updated 3 weeks ago
- SBOM Search - Context aware search in SBOM repositories☆29Updated this week
- SCANOSS Open Source Inventory Engine☆39Updated last week
- Static code analysis of refpolicy style SELinux policy☆45Updated 6 months ago
- Open Source Vulnerability schema.☆207Updated last week
- Utility that provides an API and CLI to identify licenses and legal terms☆53Updated 2 months ago
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆64Updated last year
- ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.☆68Updated last year
- PURL to CPE Relationship mapping project.☆94Updated this week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆78Updated this week
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆49Updated last week
- Tool for creating, modifying and validating CycloneDX SBOMs.☆27Updated this week
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.☆90Updated 5 years ago
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆65Updated last year
- A Yocto meta-layer for generating CycloneDX SBOMs and automatically uploading them to Dependency Track.☆21Updated last year
- A community collection of security reviews of open source software components.☆95Updated last year
- ☆102Updated 11 months ago
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆23Updated 3 years ago
- A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).☆12Updated 2 months ago
- A Python library and command line interface for CVE Services.☆69Updated last week
- Low-effort reachability analysis for third-party code vulnerabilities.☆21Updated 2 years ago
- sbomasm: The Complete SBOM Management Toolkit☆80Updated last week
- ☆14Updated 2 weeks ago
- A Python library to parse, validate and create SPDX documents.☆226Updated 2 months ago
- Feed parsing for language package manager updates☆78Updated 9 months ago
- Python classes for the SARIF object model☆43Updated last year