OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
-
Updated
May 15, 2024 - Go
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Scans your project to determine what components you use
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
A suite of utilities to help with software supply chain challenges on nix targets
Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, …
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Utility that provides an API platform for validating, querying and managing BOM data
A BOM repository server for distributing CycloneDX BOMs
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Add a description, image, and links to the software-bill-of-materials topic page so that developers can more easily learn about it.
To associate your repository with the software-bill-of-materials topic, visit your repo's landing page and select "manage topics."