sonatype-nexus-community / jake
Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
☆114Updated this week
Related projects ⓘ
Alternatives and complementary repositories for jake
- Python implementation of OWASP CycloneDX☆70Updated this week
- CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments☆257Updated this week
- Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.☆164Updated 3 weeks ago
- Advisory database for Python packages published on pypi.org☆264Updated this week
- Open Source Vulnerability schema.☆185Updated this week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆71Updated 3 weeks ago
- A Sigstore client written in Python☆232Updated this week
- GitHub action to generate a CycloneDX SBOM for Python☆14Updated 4 months ago
- A GitHub Action for pip-audit☆68Updated last week
- Security audit Python project dependencies against security advisory databases.☆65Updated last month
- A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs☆52Updated last year
- Audit python packages for known vulnerabilities☆30Updated 2 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆72Updated last month
- Data about packages and maintainers on PyPI☆123Updated this week
- A tool to generate a SBOM (Software Bill of Materials) for an installed Python module☆25Updated last month
- Format agnostic SBOM tooling☆80Updated this week
- Python Faker provider for security related data☆36Updated 3 months ago
- A Python library to parse, validate and create SPDX documents.☆189Updated last month
- Generate a score for your sbom to understand if it will actually be useful.☆221Updated 3 months ago
- Potential WG on Artificial Intelligence and Machine Learning (AI/ML)☆53Updated 3 weeks ago
- Copier template for Python projects managed by Poetry.☆81Updated 8 months ago
- Fancy PyPI READMEs with Hatch☆158Updated 2 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆254Updated this week
- Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…☆35Updated this week
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead☆73Updated 7 months ago
- File identification library for Python☆256Updated last week
- A Python client for the Snyk API.☆90Updated 3 months ago
- ☆69Updated last week
- Pytest plugin to fake subprocess.☆107Updated 3 weeks ago
- A parser for Python dependency files☆61Updated last week