Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Updated Nov 18, 2024 - Java
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Main repository for the official Dependency-Track Jenkins plugin
Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions
We have moved and *archived* this repository. Pls. continue at the new place at https://github.com/eclipse/sw360 ... A software component catalogue application - designed to work with FOSSology.
Lockheed Martin developed utility to compare two CycloneDX SBOMs
Holon Platform Core module: represents the platform foundation, providing the definition of the overall architecture, base structures and APIs.
Generates SPDX bill-of-material files from a package input and license scan
Lockheed Martin developed utility to combine multiple CycloneDX SBOMs
CLI tool to sync the Black Duck's BOM information to the FOSSLight Hub's Project
Lucy is a component analysis platform to minimize the risk of license infringements and to support and optimize the license compliance process.
💻 | A discord bot made in java
A "Bill of Materials" (BOM) listing all Bootique modules
Example of creating a BOM in Gradle to share dependencies across projects.