sonatype-nexus-community / cheque
Audit C/C++ projects (make, cmake, command line, etc.)
☆27Updated 3 years ago
Alternatives and similar repositories for cheque:
Users that are interested in cheque are comparing it to the libraries listed below
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- Tool for creating, modifying and validating CycloneDX SBOMs.☆26Updated this week
- ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.☆67Updated last year
- A Yocto meta-layer for generating CycloneDX SBOMs and automatically uploading them to Dependency Track.☆20Updated 11 months ago
- A specification including, problem statement, use cases, requirements, and architectural constituents for a Transparency Service in suppo…☆14Updated 2 years ago
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆69Updated this week
- A community collection of security reviews of open source software components.☆93Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆46Updated last year
- ☆13Updated this week
- Library to ingest and generate SBOMs☆25Updated last week
- Examples of SPDX files for software combinations☆128Updated 2 weeks ago
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆64Updated 10 months ago
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆47Updated 11 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆28Updated last year
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆51Updated last week
- PURL to CPE Relationship mapping project.☆87Updated this week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆142Updated last year
- A standard API specification for exchanging supply chain artifacts and intelligence☆78Updated last week
- Open Source Vulnerability schema.☆198Updated 2 weeks ago
- Static code analysis of refpolicy style SELinux policy☆42Updated last month
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆22Updated 3 years ago
- This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant …☆46Updated this week
- Feed parsing for language package manager updates☆78Updated 4 months ago
- Utility that provides an API platform for validating, querying and managing BOM data☆108Updated this week
- A Python library to parse, validate and create SPDX documents.☆208Updated last week
- Utility that provides an API and CLI to identify licenses and legal terms☆43Updated 10 months ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆74Updated 2 weeks ago
- SPDX Merge tool☆43Updated this week
- OWASP Dependency Track API client for intergration into CI/CD pipeline☆53Updated 8 months ago
- OSIDB — Open Security Issue Database☆29Updated this week