🎁 wraps all package managers with a unifying CLI
Updated Jul 17, 2024 - Python
Python SDK for the Finite State Platform API
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
BLint is a Binary Linter to check the security properties and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
Kubernetes operator for the OSS Review Toolkit
Modular framework for SBOM generation that gathers file information and analyzes dependencies
Scan artifacts with Amazon Inspector from GitHub Actions workflows.
Python implementation of OWASP CycloneDX
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Ansible role for 'syft'. Available on Ansible Galaxy.
Generate Software Bill-of-Materials (SBOMs) for Python environments from distribution metadata
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and other generous sponsors!
Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks or check conformance to frameworks, such as SLSA.
Toolset that helps you with creating and interacting with SBOMs, enriching with licensing and copyright information, and checking for Open Source license compliance