Produce an Open Source Vulnerability JSON file based on information in an SPDX document
☆64May 27, 2024Updated last year
Alternatives and similar repositories for spdx-to-osv
Users that are interested in spdx-to-osv are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆608Feb 10, 2026Updated 2 months ago
- This tool compares two Software Bill of Materials (SBOMs) and reports the differences.☆43Mar 9, 2026Updated last month
- A place to systematically store software bill of materials (SBOM) documents.☆50Jun 1, 2023Updated 2 years ago
- Repository of SBOMs generated by the syft SBOM generator tool, against a list of popular dockerhub container images.☆19Mar 3, 2026Updated last month
- This is a mapping of CPEs to package urls created by using VulnerableCode's data☆10Aug 14, 2020Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Support CI generation of SBOMs via golang tooling.☆425Jan 13, 2025Updated last year
- Examples of SPDX files for software combinations☆145Mar 31, 2026Updated 2 weeks ago
- Utility that provides an API and CLI to identify licenses and legal terms☆52Jul 11, 2025Updated 9 months ago
- Automating Compliance Tooling Project☆22Jan 28, 2022Updated 4 years ago
- Basic Streamlit Application for testing, and displaying Multi-GPU LLM timings☆10Mar 30, 2024Updated 2 years ago
- Source for the website providing online SPDX tools☆72Updated this week
- Open Source Vulnerability schema.☆244Apr 8, 2026Updated last week
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆221Oct 21, 2025Updated 5 months ago
- A utility to generate SPDX-compliant Bill of Materials manifests☆452Updated this week
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- ⚡ Guidance, samples, and tools for HPC workloads on AKS clusters with RDMA and InfiniBand support, including GPUDirect RDMA.☆22Updated this week
- An SBOM query language and associated utilities☆56Jan 22, 2024Updated 2 years ago
- conftest plugin that transforms k8s input object to be compatible with gatekeeper policies☆14Jan 26, 2024Updated 2 years ago
- ☆17Updated this week
- ☆102Sep 27, 2024Updated last year
- PURL to CPE Relationship mapping project.☆113Updated this week
- GitHub Action to get a license overview in SPDX format☆14Dec 24, 2021Updated 4 years ago
- Library to ingest and generate VEX documents☆20Mar 9, 2026Updated last month
- Training material examples, code snippets, manifests, etc.☆13Jun 20, 2017Updated 8 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- A tool to match license text with SPDX license list using a an algorithm with finds close matches. It follows SPDX Matching guidelines to…☆33Dec 24, 2025Updated 3 months ago
- A Python library to parse, validate and create SPDX documents.☆243Mar 13, 2026Updated last month
- Kubernetes KMS implementation☆27Apr 9, 2026Updated last week
- krew-wasm offers a way to write and distribute kubectl plugins based on WebAssembly☆14Apr 15, 2024Updated 2 years ago
- Orthos is a machine administration tool.☆20Updated this week
- TUI for managing beads☆37Jan 8, 2026Updated 3 months ago
- ☆123Apr 15, 2025Updated last year
- Threat Hunting at Scale: Auditing Thousands of Clusters With Falco + Fluent☆12Aug 13, 2022Updated 3 years ago
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆485Mar 31, 2026Updated 2 weeks ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A tool to create, transform and attest VEX metadata☆184Updated this week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 3 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆136Jan 2, 2026Updated 3 months ago
- This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant …☆53Apr 12, 2026Updated last week
- A template repository for building external data providers for Gatekeeper.☆12Aug 14, 2023Updated 2 years ago
- Container Image Signing & Verifying on Ethereum [Testnet]☆17Mar 15, 2022Updated 4 years ago
- Monitor your AWS EC2 instances from your Mac menubar.☆25Oct 13, 2016Updated 9 years ago