Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: spdx
opossum-tool/OpossumUI
A light-weight app to audit and inventory large codebases for open source license compliance.
Language: TypeScript - Size: 35.8 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 55 - Forks: 26
LLNL/Surfactant
Modular framework for SBOM generation that gathers file information and analyzes dependencies
Language: Python - Size: 943 KB - Last synced: about 3 hours ago - Pushed: about 20 hours ago - Stars: 11 - Forks: 13
fossology/fossology
FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.
Language: PHP - Size: 297 MB - Last synced: about 3 hours ago - Pushed: about 14 hours ago - Stars: 756 - Forks: 401
nexB/scancode-toolkit
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and other generous sponsors!
Language: Python - Size: 643 MB - Last synced: about 5 hours ago - Pushed: about 23 hours ago - Stars: 1,991 - Forks: 530
Wind-River/meta-wr-sbom
A CLI tool for generating a Software Bill of Materials (SBOM) from Yocto Project.
Language: Roff - Size: 745 KB - Last synced: about 10 hours ago - Pushed: about 11 hours ago - Stars: 11 - Forks: 3
artichoke/generate_third_party
📜 Generate listings of third party licenses for Artichoke Ruby
Language: Ruby - Size: 926 KB - Last synced: about 15 hours ago - Pushed: about 16 hours ago - Stars: 4 - Forks: 0
kubernetes-sigs/bom
A utility to generate SPDX-compliant Bill of Materials manifests
Language: Go - Size: 16.2 MB - Last synced: about 15 hours ago - Pushed: about 15 hours ago - Stars: 304 - Forks: 43
spdx/Spdx-Java-Library
Java library which implements the Java object model for SPDX and provides useful helper functions
Language: Java - Size: 12.8 MB - Last synced: about 20 hours ago - Pushed: about 21 hours ago - Stars: 30 - Forks: 33
CycloneDX/cyclonedx-rust-cargo
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Language: Rust - Size: 2.31 MB - Last synced: about 18 hours ago - Pushed: 1 day ago - Stars: 77 - Forks: 37
openSUSE/cavil
The legal review and SBOM system used by SUSE and openSUSE
Language: Perl - Size: 35.2 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 31 - Forks: 6
CycloneDX/cyclonedx-python-lib
Python implementation of OWASP CycloneDX
Language: Python - Size: 2.51 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 59 - Forks: 30
XmirrorSecurity/OpenSCA-cli
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Language: Go - Size: 8.45 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 1,011 - Forks: 114
tobysmith568/license-cop
Yet another license checker tool for your dependencies; focused on simplicity.
Language: TypeScript - Size: 10 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 4 - Forks: 1
CycloneDX/cyclonedx-core-java
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Language: Java - Size: 14.8 MB - Last synced: 1 day ago - Pushed: 3 days ago - Stars: 68 - Forks: 54
nikstur/bombon
Nix CycloneDX Software Bills of Materials (SBOMs)
Language: Rust - Size: 277 KB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 50 - Forks: 4
CycloneDX/cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Language: C# - Size: 592 KB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 256 - Forks: 56
CycloneDX/cyclonedx-php-library
PHP Implementation of OWASP CycloneDX Bill of Materials (BOM)
Language: PHP - Size: 2.39 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 6 - Forks: 0
CycloneDX/sbom-utility
Utility that provides an API platform for validating, querying and managing BOM data
Language: Go - Size: 9.8 MB - Last synced: 6 days ago - Pushed: 7 days ago - Stars: 68 - Forks: 10
SBOMcc/sbomcc
SBOM Parsing For Humans
Language: Racket - Size: 102 KB - Last synced: 8 days ago - Pushed: 8 days ago - Stars: 1 - Forks: 0
onebeyond/spdx-license-satisfies (fork of jslicense/spdx-satisfies.js)
Tool to test whether SPDX expressions satisfy licensing criteria
Language: JavaScript - Size: 228 KB - Last synced: 8 days ago - Pushed: 7 months ago - Stars: 1 - Forks: 0
jeremiah/spdxl
spdxl (pronounced spud-exel) is a tool that attempts to identify FOSS licenses and corresponding files associated with them based on SPDX tags.
Language: Perl - Size: 125 KB - Last synced: 8 days ago - Pushed: 8 days ago - Stars: 1 - Forks: 1
hashicorp/copywrite
Automate copyright headers and license files at scale
Language: Go - Size: 287 KB - Last synced: 8 days ago - Pushed: about 2 months ago - Stars: 64 - Forks: 10
nexB/license-expression
Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX or any other license id scheme.
Language: Python - Size: 35.2 MB - Last synced: 3 days ago - Pushed: 7 days ago - Stars: 52 - Forks: 20
yohangz/packer-cli
💥 Full-fledged CLI tool to generate and package node modules compliant with Browser and NodeJS. Packer CLI supports all modern style, unit test and script transpiler tools
Language: HTML - Size: 5.56 MB - Last synced: 5 days ago - Pushed: over 1 year ago - Stars: 86 - Forks: 3
spdx/license-list-data
Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON
Language: HTML - Size: 1.04 GB - Last synced: 10 days ago - Pushed: 23 days ago - Stars: 475 - Forks: 139
osism/sbom
Software Bill of Materials
Language: Python - Size: 597 KB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 2 - Forks: 1
spdx/tools
SPDX Tools
Language: Java - Size: 22.4 MB - Last synced: 10 days ago - Pushed: 11 months ago - Stars: 123 - Forks: 67
anthonyharrison/lib4sbom
Library to ingest and generate SBOMs
Language: Python - Size: 1.72 MB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 11 - Forks: 9
CycloneDX/cyclonedx-python
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Language: Python - Size: 2.12 MB - Last synced: 16 days ago - Pushed: 16 days ago - Stars: 210 - Forks: 61
thehale/git-authorship
See who wrote each line of code in your git repository with interactive reports.
Language: Python - Size: 23.9 MB - Last synced: 16 days ago - Pushed: 18 days ago - Stars: 2 - Forks: 0
anthonyharrison/distro2SBOM
Generates SBOM files from system packaging information
Language: Python - Size: 48.8 KB - Last synced: 11 days ago - Pushed: 12 days ago - Stars: 9 - Forks: 6
spdx/spdx-spec
The SPDX specification in MarkDown and HTML formats.
Language: Python - Size: 35.6 MB - Last synced: 10 days ago - Pushed: 12 days ago - Stars: 269 - Forks: 131
CycloneDX/cyclonedx-javascript-library
Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
Language: TypeScript - Size: 2.47 MB - Last synced: 16 days ago - Pushed: 20 days ago - Stars: 12 - Forks: 9
oss-review-toolkit/ort-ci-gitlab
Use ORT in your GitLab pipelines
Size: 279 KB - Last synced: 14 days ago - Pushed: 14 days ago - Stars: 8 - Forks: 14
spdx/tools-python
A Python library to parse, validate and create SPDX documents.
Language: Python - Size: 3.35 MB - Last synced: 10 days ago - Pushed: 16 days ago - Stars: 163 - Forks: 125
nexB/dejacode
Automate open source license compliance and ensure software supply chain integrity
Language: Python - Size: 54 MB - Last synced: 16 days ago - Pushed: 18 days ago - Stars: 16 - Forks: 5
nexB/scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Language: Python - Size: 48.8 MB - Last synced: 16 days ago - Pushed: 17 days ago - Stars: 88 - Forks: 82
oss-review-toolkit/ort-ci-github-action
Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs
Size: 70.3 KB - Last synced: 15 days ago - Pushed: 15 days ago - Stars: 20 - Forks: 6
sschuberth/spdx-stuff
Unsorted stuff related to the Software Package Data Exchange format
Language: Shell - Size: 2.93 KB - Last synced: 16 days ago - Pushed: about 7 years ago - Stars: 0 - Forks: 1
patriksvensson/spdx
A .NET library that makes it easy to retrieve information about SPDX licenses.
Language: C# - Size: 126 KB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 13 - Forks: 0
pfefferle/dash-spdx-licenses
An SPDX-Licenses Dash.app docset
Language: HTML - Size: 3.68 MB - Last synced: 16 days ago - Pushed: over 2 years ago - Stars: 4 - Forks: 1
EmbarkStudios/cargo-about
📜 Cargo plugin to generate list of all licenses for a crate 🦀
Language: Rust - Size: 5.39 MB - Last synced: 15 days ago - Pushed: 4 months ago - Stars: 480 - Forks: 27
patriksvensson/covenant
A tool to generate SBOM (Software Bill of Material) from source code artifacts.
Language: C# - Size: 111 KB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 58 - Forks: 6
refcell/lice
Dead simple, minimal SPDX License generator library written in Rust.
Language: Rust - Size: 186 KB - Last synced: 19 days ago - Pushed: 7 months ago - Stars: 9 - Forks: 0
CycloneDX/specification
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
Language: XSLT - Size: 1.64 MB - Last synced: 14 days ago - Pushed: 14 days ago - Stars: 326 - Forks: 55
fsfe/reuse-tool
reuse is a tool for compliance with the REUSE recommendations.
Language: Python - Size: 3.97 MB - Last synced: 24 days ago - Pushed: 25 days ago - Stars: 344 - Forks: 132
tern-tools/tern
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Language: Python - Size: 6.61 MB - Last synced: 19 days ago - Pushed: 2 months ago - Stars: 931 - Forks: 185
sudorook/licensetool
Tool for embedding SPDX metadata and license blurbs in files. Uses fsfe/reuse-tool.
Language: Jinja - Size: 40 KB - Last synced: 21 days ago - Pushed: 21 days ago - Stars: 0 - Forks: 0
interlynk-io/sbomgr
SBOM Grep - search through SBOMs
Language: Go - Size: 273 KB - Last synced: 21 days ago - Pushed: 21 days ago - Stars: 16 - Forks: 1
CycloneDX/cyclonedx-ruby-gem
Creates CycloneDX Software Bill of Materials (SBOM) from Ruby projects
Language: Ruby - Size: 85.9 KB - Last synced: 16 days ago - Pushed: 6 months ago - Stars: 19 - Forks: 18
CycloneDX/cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Language: Java - Size: 1.65 MB - Last synced: 22 days ago - Pushed: 22 days ago - Stars: 273 - Forks: 83
interlynk-io/sbomasm
SBOM Assembler - A tool to compose your various sboms into a single sbom.
Language: Go - Size: 906 KB - Last synced: 21 days ago - Pushed: 21 days ago - Stars: 37 - Forks: 1
interlynk-io/sbomqs
SBOM quality score - Quality metrics for your sboms
Language: Go - Size: 1.09 MB - Last synced: 24 days ago - Pushed: 28 days ago - Stars: 130 - Forks: 11
CycloneDX/cyclonedx-webpack-plugin
Create CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
Language: TypeScript - Size: 6.66 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 23 - Forks: 7
mnahkies/spdx-dependency-track
A simple application to crawl your GitHub repositories, export SBOMs in SPDX format, and ingest these for licensing analysis.
Language: TypeScript - Size: 1.82 MB - Last synced: 2 days ago - Pushed: 26 days ago - Stars: 1 - Forks: 0
DEMCON/cmake-sbom
Guided SBOM generation from CMake
Language: CMake - Size: 56.6 KB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 8 - Forks: 3
CycloneDX/cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Language: C# - Size: 2.61 MB - Last synced: 18 days ago - Pushed: 18 days ago - Stars: 160 - Forks: 77
prathamgahlout/phsyberdome-dependency-scanner
Detect Licenses, dependencies by scanning your project/repositories to discover the Open Source and Third party packages used in your code.
Language: Java - Size: 2.65 MB - Last synced: 26 days ago - Pushed: 26 days ago - Stars: 6 - Forks: 1
DBOMproject/tools
This repo contains various tools for interacting with DBoM
Language: Python - Size: 33.2 KB - Last synced: 28 days ago - Pushed: 5 months ago - Stars: 0 - Forks: 0
hattya/license.vim
A Vim plugin to insert license to buffer
Language: Vim Script - Size: 146 KB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 2 - Forks: 0
ardikars/pcap
Provides JVM network packet processing library for rapid development.
Language: Java - Size: 1.69 MB - Last synced: 16 days ago - Pushed: 3 months ago - Stars: 40 - Forks: 9
sajayantony/obom_cli
Tool to inspect and push an SPDX document as an OCI artifact
Language: Go - Size: 3.36 MB - Last synced: 30 days ago - Pushed: 10 months ago - Stars: 10 - Forks: 5
henrirosten/nix-sbom-test
Language: Shell - Size: 3.91 KB - Last synced: 30 days ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
package-url/purl-spec
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
Size: 233 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 611 - Forks: 144
susumu-ozawa-cy/spdx-ntia-conformance-checker
SPDX NTIA Conformance Checker Action
Size: 456 KB - Last synced: 9 days ago - Pushed: 9 days ago - Stars: 0 - Forks: 0
maxhbr/spdx-tools-hs
Language: Haskell - Size: 179 KB - Last synced: about 1 month ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
devops-kung-fu/bomber
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Language: Go - Size: 11.1 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 449 - Forks: 39
chainloop-dev/chainloop
Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, SARIF files, QA reports, and more.
Language: Go - Size: 20.1 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 271 - Forks: 19
psastras/sbom-rs
A group of Rust projects for interacting with and producing software bill of materials (SBOMs).
Language: Rust - Size: 283 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 13 - Forks: 3
raftario/licensor
write licenses to stdout
Language: Rust - Size: 258 KB - Last synced: 28 days ago - Pushed: over 1 year ago - Stars: 191 - Forks: 11
evenorog/license
Embedded license information from SPDX.
Language: Rust - Size: 5.34 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 7 - Forks: 1
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Language: Go - Size: 17.5 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 5,408 - Forks: 494
oss-review-toolkit/ort
A suite of tools to automate software compliance checks.
Language: Kotlin - Size: 130 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1,466 - Forks: 288
condy0919/spdx.el
Insert SPDX license header
Language: Emacs Lisp - Size: 142 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 12 - Forks: 4
sthagen/spdx-lint
Experimental SPDX baseline validator.
Language: Python - Size: 2.09 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0
pmonks/tools-licenses
A Clojure tools.build task library related to dependency licenses.
Language: Clojure - Size: 1.08 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 6 - Forks: 4
CycloneDX/cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Language: Java - Size: 710 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 136 - Forks: 71
CycloneDX/cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Language: PHP - Size: 1.2 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 41 - Forks: 7
SoftwareDesignLab/SBOM-in-a-Box
SBOM-in-a-Box is a unified platform to promote the production, consumption, and utilization of Software Bills of Materials.
Language: Java - Size: 75.2 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4 - Forks: 0
anthonyharrison/sbom2doc
Transform SBOM contents into a formatted document including markdown and PDF formats
Language: Python - Size: 80.1 KB - Last synced: 15 days ago - Pushed: 4 months ago - Stars: 12 - Forks: 3
anthonyharrison/sbom4rust
SBOM4Rust generates a Software Bill of Materials (SBOM) for a Rust component.
Language: Python - Size: 33.2 KB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 3 - Forks: 0
anthonyharrison/sbom4files
SBOM generator for files within a directory
Language: Python - Size: 42 KB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 5 - Forks: 1
anthonyharrison/sbom2dot
Create a dependency graph of the components within a SBOM
Language: Python - Size: 85.9 KB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 4 - Forks: 0
anthonyharrison/sbom-manager
Manage collection of SBOMs (Software Bill of Materials)
Language: Python - Size: 1.47 MB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 6 - Forks: 2
alilleybrinker/cargo-spdx
Generate an SPDX Software Bill of Materials for Rust crates.
Language: Rust - Size: 59.6 KB - Last synced: 7 days ago - Pushed: almost 2 years ago - Stars: 18 - Forks: 1
ralexander-phi/which-license
Identify common software licenses
Language: TypeScript - Size: 2.39 MB - Last synced: 16 days ago - Pushed: 16 days ago - Stars: 2 - Forks: 0
anthonyharrison/sbomdiff
This tool compares two Software Bill of Materials (SBOMs) and reports the differences.
Language: Python - Size: 68.4 KB - Last synced: 16 days ago - Pushed: about 2 months ago - Stars: 22 - Forks: 2
boyter/lc
licensechecker (lc) is a command line application which scans directories and identifies what software license things are under, producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Dual-licensed under MIT or the UNLICENSE.
Language: Go - Size: 52 MB - Last synced: 16 days ago - Pushed: 4 months ago - Stars: 117 - Forks: 16
spdx/spdx-license-matcher
A tool to match license text with the SPDX license list using an algorithm which finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.
Language: Python - Size: 143 MB - Last synced: 10 days ago - Pushed: 4 months ago - Stars: 25 - Forks: 14
JessebotX/license
⚖️ Generate licenses (found on the SPDX License List) for your projects
Language: Go - Size: 1.95 KB - Last synced: 29 days ago - Pushed: about 2 months ago - Stars: 0 - Forks: 0
AvishrantsSh/GoLicense-Classifier
A Python package to find license expressions and copyright statements in a codebase.
Language: Python - Size: 21.9 MB - Last synced: 15 days ago - Pushed: almost 3 years ago - Stars: 1 - Forks: 0
mitchellh/go-spdx
Golang library for listing and looking up licenses using SPDX IDs.
Language: Go - Size: 7.81 KB - Last synced: 15 days ago - Pushed: over 5 years ago - Stars: 23 - Forks: 2
bitfront-se/observer-cli
CLI tool to generate SBOMs and upload them to SBOM Observer.
Language: Go - Size: 40 KB - Last synced: about 21 hours ago - Pushed: about 2 months ago - Stars: 1 - Forks: 0
sindresorhus/spdx-license-list
List of SPDX licenses
Language: JavaScript - Size: 4.04 MB - Last synced: about 1 month ago - Pushed: 3 months ago - Stars: 88 - Forks: 16
spdx/spdx-license-diff
Chrome/Firefox browser extension to compare text against spdx license list
Language: JavaScript - Size: 5.39 MB - Last synced: 10 days ago - Pushed: 10 months ago - Stars: 33 - Forks: 4
ccideas/cyclonedx-npm-pipe
Bitbucket pipe to generate a CycloneDX sBOM for node/npm projects
Language: Shell - Size: 58.6 KB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 1 - Forks: 0
higolab/Osmy
Osmy: A tool for software management using SPDX Documents
Language: C# - Size: 450 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 2 - Forks: 0
moritzruth-archive/spdx-license-data 📦
📃 Open Source licenses as JSON
Language: JavaScript - Size: 1.16 MB - Last synced: 3 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
mjpitz/spdx-fmt
Easily convert spdx.json files into human-readable, markdown files.
Language: Go - Size: 53.7 KB - Last synced: 3 months ago - Pushed: 5 months ago - Stars: 2 - Forks: 0
ctron/cargo-clearlydefined
A tool for checking cargo dependencies with data from clearlydefined.io
Language: Rust - Size: 125 KB - Last synced: 16 days ago - Pushed: 4 months ago - Stars: 0 - Forks: 0