spdx / ntia-conformance-checkerView external linksLinks
Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
☆79Feb 6, 2026Updated last week
Alternatives and similar repositories for ntia-conformance-checker
Users that are interested in ntia-conformance-checker are comparing it to the libraries listed below
Sorting:
- A place to systematically store software bill of materials (SBOM) documents.☆50Jun 1, 2023Updated 2 years ago
- OSS License Simple Viewer is a simple Excel-based tool as OSS license reference for engineers.☆14Nov 20, 2020Updated 5 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆125Jan 2, 2026Updated last month
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆33Feb 2, 2026Updated 2 weeks ago
- The model for the information captured in SPDX version 3 standard.☆97Updated this week
- This is the OpenChain Telco Work Group☆19Dec 3, 2025Updated 2 months ago
- sbomasm: The Complete SBOM Management Toolkit☆103Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX☆33Jan 19, 2024Updated 2 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆110Jan 22, 2026Updated 3 weeks ago
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆267Updated this week
- A Python library to parse, validate and create SPDX documents.☆235Jan 16, 2026Updated last month
- Open Source License Compliance Checklists☆11Oct 18, 2024Updated last year
- Documents and tools powering the Wolfi OS community☆24Sep 26, 2025Updated 4 months ago
- OSS License Open Data☆12Jun 28, 2019Updated 6 years ago
- Source for the website providing online SPDX tools☆71Dec 28, 2025Updated last month
- Black Duck I/O☆13Mar 28, 2025Updated 10 months ago
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆354Updated this week
- ☆140Updated this week
- Format agnostic SBOM tooling☆131Nov 20, 2025Updated 2 months ago
- REUSE recommendations, tutorials, FAQ and specification☆18May 27, 2024Updated last year
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Jan 27, 2025Updated last year
- Security advisory data for Wolfi☆20Jan 7, 2026Updated last month
- Vulnerability Management with SBOM☆19Updated this week
- SBOM Search - Context aware search in SBOM repositories☆29Nov 24, 2025Updated 2 months ago
- ☆75Dec 10, 2025Updated 2 months ago
- Collection of Go packages to work with SPDX files☆158Jan 16, 2026Updated last month
- A tool to create, transform and attest VEX metadata☆173Updated this week
- OpenVEX Specification☆167Jan 16, 2026Updated last month
- This repository stores meetings minutes for the SPDX project☆37Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆42Feb 4, 2026Updated last week
- SPDX Tools☆143Oct 7, 2025Updated 4 months ago
- in-toto Attestation Framework☆323Updated this week
- Examples of SPDX files for software combinations☆142Nov 15, 2025Updated 3 months ago
- Specification for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆26Nov 17, 2025Updated 2 months ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆33Apr 4, 2023Updated 2 years ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆227May 26, 2025Updated 8 months ago
- ☆24Nov 8, 2024Updated last year
- SBOM Explorer - Discover and pull public SBOMs☆20May 23, 2025Updated 8 months ago
- SW360 project☆220Updated this week