sonatype-nexus-community / jake

Related projects ⓘ

Alternatives and complementary repositories for jake

• CycloneDX / cyclonedx-python
  CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
  ☆256Updated this week
• CycloneDX / cyclonedx-python-lib
  Python implementation of OWASP CycloneDX
  ☆69Updated this week
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆227Updated this week
• dlint-py / dlint
  Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
  ☆164Updated last week
• twu / skjold
  Security audit Python project dependencies against security advisory databases.
  ☆65Updated last month
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆262Updated this week
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆68Updated 3 months ago
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆70Updated last week
• CycloneDX / gh-python-generate-sbom
  GitHub action to generate a CycloneDX SBOM for Python
  ☆13Updated 3 months ago
• sethmlarson / pypi-data
  Data about packages and maintainers on PyPI
  ☆123Updated last month
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆184Updated this week
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆25Updated last month
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆70Updated last month
• snyk / faker-security
  Python Faker provider for security related data
  ☆36Updated 3 months ago
• snyk-labs / pysnyk
  A Python client for the Snyk API.
  ☆88Updated 2 months ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆88Updated 2 weeks ago
• DependencyTrack / gh-upload-sbom
  Publishes BOMs to Dependency-Track from GitHub Actions
  ☆47Updated last month
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆58Updated last week
• illikainen / ossaudit
  Audit python packages for known vulnerabilities
  ☆30Updated 2 years ago
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆187Updated last month
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆112Updated this week
• hynek / hatch-fancy-pypi-readme
  Fancy PyPI READMEs with Hatch
  ☆157Updated this week
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆77Updated this week
• pyupio / dparse
  A parser for Python dependency files
  ☆61Updated this week
• ochronasec / ochrona-cli
  A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
  ☆52Updated last year
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated 7 months ago
• slsa-framework / slsa-verifier
  Verify provenance from SLSA compliant builders
  ☆228Updated last week
• interlynk-io / sbomqs
  SBOM quality score - Quality metrics for your sboms
  ☆184Updated this week
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆40Updated this week
• Lucas-C / pre-commit-hooks-safety
  A pre-commit hook to check your Python dependencies against safety-db
  ☆89Updated 9 months ago