spdx/spdx-to-osv external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

spdx/spdx-to-osv

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/spdx/spdx-to-osv)

Close

spdx / spdx-to-osvView on GitHubMore

• External links
• Readme badge

Produce an Open Source Vulnerability JSON file based on information in an SPDX document

☆64May 27, 2024Updated 2 years ago

Alternatives and similar repositories for spdx-to-osv

Users that are interested in spdx-to-osv are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• spdx / cdx2spdx

  View on GitHub
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆33Jan 19, 2024Updated 2 years ago
• Azure / image-rootfs-scanner

  View on GitHub
  Tool to scan a container image's rootfs
  ☆12Nov 6, 2023Updated 2 years ago
• devops-kung-fu / bomber

  View on GitHub
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆615Feb 10, 2026Updated 3 months ago
• anthonyharrison / sbomdiff

  View on GitHub
  This tool compares two Software Bill of Materials (SBOMs) and reports the differences.
  ☆44Mar 9, 2026Updated 2 months ago
• chainguard-sandbox / bom-shelter

  View on GitHub
  A place to systematically store software bill of materials (SBOM) documents.
  ☆50Jun 1, 2023Updated 2 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• anchore / sbom-examples

  View on GitHub
  Repository of SBOMs generated by the syft SBOM generator tool, against a list of popular dockerhub container images.
  ☆20Mar 3, 2026Updated 2 months ago
• opensbom-generator / spdx-sbom-generator

  View on GitHub
  Support CI generation of SBOMs via golang tooling.
  ☆427Jan 13, 2025Updated last year
• spdx / spdx-examples

  View on GitHub
  Examples of SPDX files for software combinations
  ☆147May 20, 2026Updated last week
• CycloneDX / license-scanner

  View on GitHub
  Utility that provides an API and CLI to identify licenses and legal terms
  ☆54Jul 11, 2025Updated 10 months ago
• act-project / TAC

  View on GitHub
  Automating Compliance Tooling Project
  ☆24Jan 28, 2022Updated 4 years ago
• spdx / spdx-online-tools

  View on GitHub
  Source for the website providing online SPDX tools
  ☆71May 11, 2026Updated 2 weeks ago
• ossf / osv-schema

  View on GitHub
  Open Source Vulnerability schema.
  ☆252Updated this week
• weinong / azure-federated-identity-samples

  View on GitHub
  Access AKS clusters using Azure Workload Identity Federation
  ☆10Feb 10, 2024Updated 2 years ago
• CycloneDX / bom-examples

  View on GitHub
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆225Oct 21, 2025Updated 7 months ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• lkpsg / ccscanner

  View on GitHub
  A C/C++ dependency scanner
  ☆40Nov 24, 2023Updated 2 years ago
• fsfe / reuse-docs

  View on GitHub
  REUSE recommendations, tutorials, FAQ and specification
  ☆18May 27, 2024Updated 2 years ago
• kubernetes-sigs / bom

  View on GitHub
  A utility to generate SPDX-compliant Bill of Materials manifests
  ☆455May 19, 2026Updated last week
• Azure / aks-rdma-infiniband

  View on GitHub
  ⚡ Guidance, samples, and tools for HPC workloads on AKS clusters with RDMA and InfiniBand support, including GPUDirect RDMA.
  ☆23May 21, 2026Updated last week
• chainguard-dev / bomshell

  View on GitHub
  An SBOM query language and associated utilities
  ☆56Jan 22, 2024Updated 2 years ago
• clover / gatekeeper-conftest

  View on GitHub
  conftest plugin that transforms k8s input object to be compatible with gatekeeper policies
  ☆14Jan 26, 2024Updated 2 years ago
• usnistgov / swid-tools

  View on GitHub
  ☆17May 21, 2026Updated last week
• nyph-infosec / daggerboard

  View on GitHub
  ☆102Sep 27, 2024Updated last year
• scanoss / purl2cpe

  View on GitHub
  PURL to CPE Relationship mapping project.
  ☆117Updated this week
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• CloudSecurityAlliance / gsd-database

  View on GitHub
  Global Security Database
  ☆319Apr 29, 2024Updated 2 years ago
• philips-software / spdx-action

  View on GitHub
  GitHub Action to get a license overview in SPDX format
  ☆14Dec 24, 2021Updated 4 years ago
• philips-software / SPDXMerge

  View on GitHub
  SPDX Merge tool
  ☆51May 18, 2026Updated last week
• anthonyharrison / lib4vex

  View on GitHub
  Library to ingest and generate VEX documents
  ☆19Mar 9, 2026Updated 2 months ago
• lachie83 / trex

  View on GitHub
  Training material examples, code snippets, manifests, etc.
  ☆13Jun 20, 2017Updated 8 years ago
• interlynk-io / sbomex

  View on GitHub
  SBOM Explorer - Discover and pull public SBOMs
  ☆21May 23, 2025Updated last year
• spdx / spdx-license-matcher

  View on GitHub
  A tool to match license text with SPDX license list using a an algorithm with finds close matches. It follows SPDX Matching guidelines to…
  ☆33Apr 30, 2026Updated 3 weeks ago
• kubernetes / kms

  View on GitHub
  Kubernetes KMS implementation
  ☆27Updated this week
• flavio / krew-wasm

  View on GitHub
  krew-wasm offers a way to write and distribute kubectl plugins based on WebAssembly
  ☆14Apr 15, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• openSUSE / orthos2

  View on GitHub
  Orthos is a machine administration tool.
  ☆20May 22, 2026Updated last week
• eclipse-jbom / jbom

  View on GitHub
  ☆123Apr 15, 2025Updated last year
• eminaktas / threat-hunting-at-scale-demo

  View on GitHub
  Threat Hunting at Scale: Auditing Thousands of Clusters With Falco + Fluent
  ☆12Aug 13, 2022Updated 3 years ago
• openvex / vexctl

  View on GitHub
  A tool to create, transform and attest VEX metadata
  ☆194Updated this week
• CycloneDX / cyclonedx-cli

  View on GitHub
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆498Updated this week
• chainguard-dev / vex

  View on GitHub
  vexctl is a tool to attest VEX impact statements
  ☆45Mar 27, 2023Updated 3 years ago
• CycloneDX / sbom-utility

  View on GitHub
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆140May 18, 2026Updated last week