Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
☆85Mar 26, 2026Updated this week
Alternatives and similar repositories for ntia-conformance-checker
Users that are interested in ntia-conformance-checker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Generate a score for your sbom to understand if it will actually be useful.☆239Aug 13, 2024Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆50Jun 1, 2023Updated 2 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆130Jan 2, 2026Updated 2 months ago
- A Python library to parse, validate and create SPDX documents.☆241Mar 13, 2026Updated 2 weeks ago
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆34Feb 2, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- The model for the information captured in SPDX version 3 standard.☆99Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆112Feb 28, 2026Updated last month
- This is the OpenChain Telco Work Group☆20Updated this week
- Security advisory data for Wolfi☆19Jan 7, 2026Updated 2 months ago
- Format agnostic SBOM tooling☆135Nov 20, 2025Updated 4 months ago
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆276Updated this week
- OSS License Simple Viewer is a simple Excel-based tool as OSS license reference for engineers.☆14Nov 20, 2020Updated 5 years ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆33Jan 19, 2024Updated 2 years ago
- sbomasm: The Complete SBOM Management Toolkit☆107Updated this week
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Documents and tools powering the Wolfi OS community☆24Sep 26, 2025Updated 6 months ago
- Vulnerability Management with SBOM☆20Updated this week
- Example apps demonstrating Chainguard platform integrations☆13Updated this week
- SBOM Search - Context aware search in SBOM repositories☆31Nov 24, 2025Updated 4 months ago
- Source for the website providing online SPDX tools☆72Dec 28, 2025Updated 3 months ago
- OpenVEX Specification☆171Jan 16, 2026Updated 2 months ago
- A tool to create, transform and attest VEX metadata☆181Mar 19, 2026Updated last week
- SBOM Explorer - Discover and pull public SBOMs☆20May 23, 2025Updated 10 months ago
- A light-weight app to audit and inventory large codebases for open source license compliance.☆72Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Project providing insights on the metaeffekt license database.☆12Mar 20, 2026Updated last week
- Collection of Go packages to work with SPDX files☆161Feb 23, 2026Updated last month
- Python library to enable scriptable control of a FOSSology server☆11May 22, 2023Updated 2 years ago
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆22May 4, 2023Updated 2 years ago
- ☆76Dec 10, 2025Updated 3 months ago
- List of SBOM Generation Tools☆30Mar 7, 2025Updated last year
- Open Source License Compliance Checklists☆11Oct 18, 2024Updated last year
- OSS License Open Data☆12Jun 28, 2019Updated 6 years ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆106Updated this week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A universal SBOM representation in protocol buffers☆321Mar 2, 2026Updated 3 weeks ago
- We have moved and *archived* this repository. Pls. continue at the new place at https://github.com/eclipse/sw360 ... A software component…☆37Jul 25, 2018Updated 7 years ago
- Black Duck I/O☆13Mar 28, 2025Updated last year
- in-toto Attestation Framework☆328Updated this week
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆227May 26, 2025Updated 10 months ago
- This repository contains the reference material related to the OpenChain Project☆107Mar 19, 2026Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆448Updated this week