sonatype-nexus-community / chequeLinks
Audit C/C++ projects (make, cmake, command line, etc.)
☆27Updated 3 years ago
Alternatives and similar repositories for cheque
Users that are interested in cheque are comparing it to the libraries listed below
Sorting:
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.☆68Updated last year
- Library to ingest and generate SBOMs☆28Updated last week
- A place to systematically store software bill of materials (SBOM) documents.☆46Updated 2 years ago
- ☆14Updated this week
- Examples of SPDX files for software combinations☆135Updated 2 months ago
- apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information☆22Updated 3 years ago
- SCANOSS Open Source Inventory Engine☆39Updated last month
- Utility that provides an API and CLI to identify licenses and legal terms☆52Updated last month
- Tool for creating, modifying and validating CycloneDX SBOMs.☆27Updated last week
- A specification including, problem statement, use cases, requirements, and architectural constituents for a Transparency Service in suppo…☆14Updated 2 years ago
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆65Updated last year
- A community collection of security reviews of open source software components.☆95Updated last year
- Service to scan licenses from source code☆12Updated 2 years ago
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆64Updated last year
- Static code analysis of refpolicy style SELinux policy☆45Updated 5 months ago
- A Python library and command line interface for CVE Services.☆69Updated 3 weeks ago
- SARIF Microsoft Visual Studio Code extension☆119Updated 3 weeks ago
- Scanning and analysis for Black Duck SCA products.☆180Updated this week
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.☆90Updated 5 years ago
- Open Source Vulnerability schema.☆206Updated last week
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆48Updated last month
- Official repository for the Open Vulnerability and Assessment Language☆75Updated this week
- PURL to CPE Relationship mapping project.☆93Updated this week
- Low-effort reachability analysis for third-party code vulnerabilities.☆21Updated 2 years ago
- Feed parsing for language package manager updates☆78Updated 9 months ago
- CVE Automation Working Group☆173Updated last week
- Utility that provides an API platform for validating, querying and managing BOM data☆118Updated 2 weeks ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆78Updated last month
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆12Updated last week