sonatype-nexus-community / jake
Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
☆114 · Updated last week
Related projects
Alternatives and complementary repositories for jake
- CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments ☆256 · Updated this week
- Python implementation of OWASP CycloneDX ☆69 · Updated this week
- A Sigstore client written in Python ☆227 · Updated this week
- Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure. ☆164 · Updated last week
- Security audit Python project dependencies against security advisory databases. ☆65 · Updated last month
- Advisory database for Python packages published on pypi.org ☆262 · Updated this week
- A GitHub Action for pip-audit ☆68 · Updated 3 months ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase… ☆70 · Updated last week
- GitHub action to generate a CycloneDX SBOM for Python ☆13 · Updated 3 months ago
- Data about packages and maintainers on PyPI ☆123 · Updated last month
- Open Source Vulnerability schema. ☆184 · Updated this week
- A tool to generate a SBOM (Software Bill of Materials) for an installed Python module ☆25 · Updated last month
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆70 · Updated last month
- Python Faker provider for security related data ☆36 · Updated 3 months ago
- A Python client for the Snyk API. ☆88 · Updated 2 months ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto ☆88 · Updated 2 weeks ago
- Publishes BOMs to Dependency-Track from GitHub Actions ☆47 · Updated last month
- A Python library and command line interface for CVE Services. ☆58 · Updated last week
- Audit Python packages for known vulnerabilities ☆30 · Updated 2 years ago
- A Python library to parse, validate and create SPDX documents. ☆187 · Updated last month
- Enrich SBOMs with data from third party services ☆112 · Updated this week
- Fancy PyPI READMEs with Hatch ☆157 · Updated this week
- Format agnostic SBOM tooling ☆77 · Updated this week
- A parser for Python dependency files ☆61 · Updated this week
- A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs ☆52 · Updated last year
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead ☆73 · Updated 7 months ago
- Verify provenance from SLSA compliant builders ☆228 · Updated last week
- SBOM quality score - Quality metrics for your SBOMs ☆184 · Updated this week
- Umbrella Repository Service for TUF ☆40 · Updated this week
- A pre-commit hook to check your Python dependencies against safety-db ☆89 · Updated 9 months ago