spdx / spdx-maven-plugin
Plugin for supporting SPDX in a Maven build.
☆44Updated 3 weeks ago
Related projects: ⓘ
- SPDX Command Line Tools using the Spdx-Java-Library☆59Updated last week
- Java library which implements the Java object model for SPDX and provides useful helper functions☆35Updated last week
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆80Updated this week
- ☆110Updated 3 months ago
- java clients for sigstore☆37Updated last week
- The SonarQube plugin for jQAssistant☆12Updated this week
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository☆99Updated this week
- Java/JVM implementation of the package url spec☆22Updated 3 months ago
- Extract license information from content.☆47Updated last week
- sigstore maven plugin☆18Updated last month
- Zanzibar style fine grained authorization☆17Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated 8 months ago
- An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies☆61Updated this week
- A Cloud Native Buildpack that builds Maven-based applications from source☆30Updated 2 weeks ago
- The ultimate Java library for Troy Hunt's ';-- Have I Been Pwned (v3).☆13Updated last year
- A Maven plugin that creates merge requests for dependency updates.☆26Updated 5 months ago
- GitHub Action to get a license overview in SPDX format☆14Updated 2 years ago
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆59Updated this week
- A secure spring boot based java service providing an API to store and retrieve browser bookmarks☆18Updated 3 months ago
- A light-weight app to audit and inventory large codebases for open source license compliance.☆60Updated this week
- IntelliJ Dependency Analytics☆24Updated 2 weeks ago
- Lockheed Martin developed utility to compare two CycloneDX SBOMs☆18Updated 2 years ago
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…☆34Updated last month
- Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable …☆61Updated 8 months ago
- ☆29Updated this week
- HaveIBeenPwned Password Policy for Keycloak PoC☆10Updated 5 years ago
- A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects…☆60Updated last week
- This project contains a Testcontainers implementation for a plain git server based on the Docker image rockstorm/git-server☆30Updated this week
- Java Package URL implementation☆12Updated last year
- Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects☆287Updated last week