Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
☆81Feb 25, 2026Updated last week
Alternatives and similar repositories for ntia-conformance-checker
Users that are interested in ntia-conformance-checker are comparing it to the libraries listed below
Sorting:
- Generate a score for your sbom to understand if it will actually be useful.☆238Aug 13, 2024Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆50Jun 1, 2023Updated 2 years ago
- OSS License Simple Viewer is a simple Excel-based tool as OSS license reference for engineers.☆14Nov 20, 2020Updated 5 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆128Jan 2, 2026Updated 2 months ago
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆33Feb 2, 2026Updated last month
- The model for the information captured in SPDX version 3 standard.☆99Updated this week
- This is the OpenChain Telco Work Group☆19Dec 3, 2025Updated 3 months ago
- sbomasm: The Complete SBOM Management Toolkit☆107Mar 2, 2026Updated last week
- Utility that converts SBOM documents from CycloneDX to SPDX☆33Jan 19, 2024Updated 2 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆110Feb 28, 2026Updated last week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆269Mar 2, 2026Updated last week
- A Python library to parse, validate and create SPDX documents.☆239Jan 16, 2026Updated last month
- Open Source License Compliance Checklists☆11Oct 18, 2024Updated last year
- Documents and tools powering the Wolfi OS community☆24Sep 26, 2025Updated 5 months ago
- OSS License Open Data☆12Jun 28, 2019Updated 6 years ago
- Source for the website providing online SPDX tools☆72Dec 28, 2025Updated 2 months ago
- Black Duck I/O☆13Mar 28, 2025Updated 11 months ago
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆361Updated this week
- ☆142Mar 2, 2026Updated last week
- A light-weight app to audit and inventory large codebases for open source license compliance.☆72Updated this week
- Security advisory data for Wolfi☆20Jan 7, 2026Updated 2 months ago
- Vulnerability Management with SBOM☆20Mar 2, 2026Updated last week
- Format agnostic SBOM tooling☆133Nov 20, 2025Updated 3 months ago
- SBOM Search - Context aware search in SBOM repositories☆29Nov 24, 2025Updated 3 months ago
- Collection of Go packages to work with SPDX files☆160Feb 23, 2026Updated 2 weeks ago
- OpenVEX Specification☆168Jan 16, 2026Updated last month
- A tool to create, transform and attest VEX metadata☆176Mar 2, 2026Updated last week
- This repository stores meetings minutes for the SPDX project☆39Mar 2, 2026Updated last week
- SPDX Tools☆143Oct 7, 2025Updated 5 months ago
- in-toto Attestation Framework☆326Updated this week
- Examples of SPDX files for software combinations☆143Nov 15, 2025Updated 3 months ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆42Feb 28, 2026Updated last week
- Specification for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆26Nov 17, 2025Updated 3 months ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆33Apr 4, 2023Updated 2 years ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆227May 26, 2025Updated 9 months ago
- SBOM Explorer - Discover and pull public SBOMs☆20May 23, 2025Updated 9 months ago
- (Telekom) Open Source License Compendium☆35Jul 31, 2024Updated last year
- ☆25Nov 8, 2024Updated last year
- SW360 project☆229Updated this week