Topic: "sbom-generator"
RetireJS/retire.js
Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Language: JavaScript - Size: 2.65 MB - Last synced at: 12 days ago - Pushed at: about 1 month ago - Stars: 3,808 - Forks: 416

microsoft/sbom-tool
The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
Language: C# - Size: 2.24 MB - Last synced at: 8 days ago - Pushed at: 9 days ago - Stars: 1,760 - Forks: 154

oss-review-toolkit/ort
A suite of tools to automate software compliance checks.
Language: Kotlin - Size: 139 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,717 - Forks: 326

lunasec-io/lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Language: TypeScript - Size: 293 MB - Last synced at: 7 days ago - Pushed at: 12 months ago - Stars: 1,445 - Forks: 168

awesomeSBOM/awesome-sbom
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Size: 47.9 KB - Last synced at: 10 days ago - Pushed at: 5 months ago - Stars: 510 - Forks: 69

trailofbits/it-depends
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
Language: Python - Size: 471 KB - Last synced at: 7 days ago - Pushed at: 4 months ago - Stars: 355 - Forks: 21

CycloneDX/cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Language: C# - Size: 637 KB - Last synced at: 13 days ago - Pushed at: 5 months ago - Stars: 347 - Forks: 63

CycloneDX/cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Language: Java - Size: 2.31 MB - Last synced at: 7 days ago - Pushed at: about 1 month ago - Stars: 318 - Forks: 88

CycloneDX/cyclonedx-python
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Language: Python - Size: 3.6 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 276 - Forks: 73

CycloneDX/cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Language: C# - Size: 2.7 MB - Last synced at: 8 days ago - Pushed at: about 1 month ago - Stars: 214 - Forks: 97

CycloneDX/cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Language: Java - Size: 1.04 MB - Last synced at: 9 days ago - Pushed at: 12 days ago - Stars: 183 - Forks: 79

tiiuae/sbomnix
A suite of utilities to help with software supply chain challenges on nix targets
Language: Python - Size: 2.63 MB - Last synced at: 17 days ago - Pushed at: 19 days ago - Stars: 163 - Forks: 26

CycloneDX/cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Language: Go - Size: 5.46 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 151 - Forks: 26

CycloneDX/cyclonedx-node-module
Creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
Size: 1.13 MB - Last synced at: 9 days ago - Pushed at: 2 months ago - Stars: 127 - Forks: 38

CycloneDX/cyclonedx-rust-cargo
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Language: Rust - Size: 2.53 MB - Last synced at: 7 days ago - Pushed at: 18 days ago - Stars: 123 - Forks: 49

CycloneDX/cyclonedx-node-npm
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
Language: JavaScript - Size: 24.3 MB - Last synced at: 7 days ago - Pushed at: 13 days ago - Stars: 84 - Forks: 23

intelops/compage
Compage - Low-Code Framework to develop REST API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, OpenAPI, CloudEvents, etc. Auto-generates code after requirements are defined in the UI as a diagram.
Language: Go - Size: 28.1 MB - Last synced at: 5 months ago - Pushed at: 8 months ago - Stars: 83 - Forks: 21

nikstur/bombon
Nix CycloneDX Software Bills of Materials (SBOMs)
Language: Rust - Size: 393 KB - Last synced at: 14 days ago - Pushed at: about 1 month ago - Stars: 78 - Forks: 10

oxsecurity/codetotal
Analyze any snippet, file, or repository to detect possible security flaws such as secrets in code, open source vulnerabilities, code security issues, insecure infrastructure as code, and potential legal issues with open source licenses.
Language: TypeScript - Size: 43.2 MB - Last synced at: 13 days ago - Pushed at: 8 months ago - Stars: 76 - Forks: 10

interlynk-io/sbomasm
SBOM Assembler - A tool to edit an SBOM or assemble multiple SBOMs into a single SBOM.
Language: Go - Size: 1.27 MB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 65 - Forks: 8

CycloneDX/cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Language: PHP - Size: 1.39 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 63 - Forks: 7

CERTCC/SBOM
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
Language: JavaScript - Size: 1.92 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 54 - Forks: 17

edoardottt/depsdev
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
Language: Go - Size: 157 KB - Last synced at: 19 days ago - Pushed at: 2 months ago - Stars: 51 - Forks: 7

scanoss/sbom-workbench
The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.
Language: TypeScript - Size: 18.3 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 50 - Forks: 12

CycloneDX/cyclonedx-linux-generator
Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions
Language: Java - Size: 4.32 MB - Last synced at: 6 days ago - Pushed at: 12 months ago - Stars: 47 - Forks: 15

DEMCON/cmake-sbom
Guided SBOM generation from CMake
Language: CMake - Size: 86.9 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 30 - Forks: 6

anthonyharrison/sbom4python
A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
Language: Python - Size: 258 KB - Last synced at: 10 days ago - Pushed at: about 1 month ago - Stars: 30 - Forks: 8

oss-review-toolkit/ort-ci-github-action
Run ORT in your GitHub action workflow to do licensing, security and best practices checks and generate reports/SBOMs
Size: 69.3 KB - Last synced at: 6 days ago - Pushed at: about 2 months ago - Stars: 30 - Forks: 11

LLNL/Surfactant
Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
Language: Python - Size: 1.2 MB - Last synced at: 4 days ago - Pushed at: 5 days ago - Stars: 28 - Forks: 17

CycloneDX/cyclonedx-webpack-plugin
Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
Language: JavaScript - Size: 7.31 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 26 - Forks: 9

CycloneDX/cyclonedx-ruby-gem
Creates CycloneDX Software Bill of Materials (SBOM) from Ruby projects
Language: Ruby - Size: 85.9 KB - Last synced at: 6 days ago - Pushed at: over 1 year ago - Stars: 26 - Forks: 18

anthonyharrison/lib4sbom
Library to ingest and generate SBOMs
Language: HTML - Size: 1.99 MB - Last synced at: 10 days ago - Pushed at: 11 days ago - Stars: 25 - Forks: 16

CycloneDX/cyclonedx-conan 📦
Creates CycloneDX Software Bill of Materials (SBOM) documents for C/C++ projects using Conan
Language: Python - Size: 108 KB - Last synced at: about 2 hours ago - Pushed at: over 1 year ago - Stars: 25 - Forks: 15

SBOM-Community/SBOM-Generation
Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team
Language: Python - Size: 402 KB - Last synced at: 15 days ago - Pushed at: 21 days ago - Stars: 24 - Forks: 8

SecureStackCo/actions-sbom
A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!
Size: 1.05 MB - Last synced at: 1 day ago - Pushed at: almost 2 years ago - Stars: 24 - Forks: 3

kube-security/orca
This repository contains the container image scanning tool ORCA
Language: Python - Size: 485 KB - Last synced at: 14 days ago - Pushed at: 14 days ago - Stars: 23 - Forks: 0

lsto/swift-package-sbom 📦
A software bill of materials (SBoM) generator for Swift packages
Language: Swift - Size: 26.4 KB - Last synced at: 5 months ago - Pushed at: almost 4 years ago - Stars: 23 - Forks: 2

anthonyharrison/distro2SBOM
Generates SBOM files from system packaging information
Language: Python - Size: 84 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 22 - Forks: 12

CycloneDX/cyclonedx-node-yarn
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
Language: JavaScript - Size: 5.97 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 22 - Forks: 6

CycloneDX/cyclonedx-cocoapods
Creates CycloneDX Software Bill-of-Materials (SBOM) from Objective-C and Swift projects that use CocoaPods.
Language: Ruby - Size: 355 KB - Last synced at: 16 days ago - Pushed at: 2 months ago - Stars: 22 - Forks: 14

CycloneDX/gh-node-module-generatebom
GitHub action to generate a CycloneDX SBOM for Node.js
Language: JavaScript - Size: 124 KB - Last synced at: 6 days ago - Pushed at: 3 months ago - Stars: 21 - Forks: 6

tweag/genealogos
Genealogos, a Nix SBOM generator
Language: Rust - Size: 6.71 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 18 - Forks: 0

hrbrmstr/sbom
Generate Software Bill of Materials for R Things
Language: R - Size: 39.1 KB - Last synced at: 18 days ago - Pushed at: about 1 year ago - Stars: 18 - Forks: 2

CycloneDX/cyclonedx-node-pnpm
Create CycloneDX Software Bill of Materials (SBOM) from Node.js PNPM projects.
Size: 780 KB - Last synced at: 6 days ago - Pushed at: 3 months ago - Stars: 14 - Forks: 5

CycloneDX/gh-python-generate-sbom
GitHub action to generate a CycloneDX SBOM for Python
Language: JavaScript - Size: 118 KB - Last synced at: 6 days ago - Pushed at: 3 months ago - Stars: 14 - Forks: 4

oss-review-toolkit/ort-ci-gitlab
Use ORT in your GitLab pipelines
Size: 280 KB - Last synced at: 6 days ago - Pushed at: 9 months ago - Stars: 14 - Forks: 17

louib/nix2sbom
nix2sbom extracts the CycloneDX and SPDX SBOM (Software Bill of Materials) from a Nix derivation
Language: Rust - Size: 285 KB - Last synced at: 17 days ago - Pushed at: 3 months ago - Stars: 12 - Forks: 1

vinted/sbomsftw
Tool for SBOM (Software Bill Of Materials) collection from filesystems & GitHub repositories.
Language: Go - Size: 35.6 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 11 - Forks: 2

CycloneDX/cyclonedx-buildroot
Create CycloneDX Software Bill of Materials (SBOM) for Buildroot projects
Language: Python - Size: 349 KB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 11 - Forks: 6

janbiasi/rollup-plugin-sbom
Create SBOMs in CycloneDX format for your Vite or Rollup projects with ease
Language: TypeScript - Size: 676 KB - Last synced at: 3 days ago - Pushed at: 14 days ago - Stars: 11 - Forks: 3

CycloneDX/gh-gomod-generate-sbom
GitHub action to generate a CycloneDX SBOM for Go modules
Language: JavaScript - Size: 350 KB - Last synced at: 6 days ago - Pushed at: about 1 year ago - Stars: 10 - Forks: 5

CycloneDX/gh-dotnet-generate-sbom
GitHub action to generate a CycloneDX SBOM for .NET
Language: JavaScript - Size: 44.9 KB - Last synced at: 6 days ago - Pushed at: over 1 year ago - Stars: 10 - Forks: 4

SoftwareDesignLab/SBOM-in-a-Box
SBOM-in-a-Box is a unified platform to promote the production, consumption, and utilization of Software Bills of Materials.
Language: Java - Size: 75.2 MB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 8 - Forks: 0

anthonyharrison/sbom4files
SBOM generator for files within a directory
Language: Python - Size: 51.8 KB - Last synced at: 10 days ago - Pushed at: 4 months ago - Stars: 7 - Forks: 1

siemens/standard-bom-java
A Java library for creating and consuming SBOMs in Standard BOM format
Language: Java - Size: 660 KB - Last synced at: about 22 hours ago - Pushed at: 5 days ago - Stars: 6 - Forks: 3

rhyskoedijk/sbom-azure-devops
🛠️ Tool for generating SPDX 2.2/2.3 SBOMs from Azure DevOps repository artifacts using https://github.com/microsoft/sbom-tool
Language: TypeScript - Size: 2.99 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 5 - Forks: 2

darkwizard242/ansible-role-syft
Ansible role for 'syft'. Available on Ansible Galaxy.
Language: Python - Size: 127 KB - Last synced at: 20 days ago - Pushed at: about 1 month ago - Stars: 5 - Forks: 0

paulveillard/cybersecurity-secure-software-supplychain-lifecyle
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, e-books and videos, websites, blog posts, links to GitHub repositories, technical guidelines and important resources about Secure Software Supply Chain Lifecycle in Cybersecurity.
Language: HTML - Size: 4.81 MB - Last synced at: 24 days ago - Pushed at: 3 months ago - Stars: 5 - Forks: 1

edgebitio/sbom-server
Generates SBOMs remotely in a verifiable manner (SLSA Build L3)
Language: Rust - Size: 117 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 5 - Forks: 1

anthonyharrison/sbom4rust
SBOM4Rust generates a Software Bill of Materials (SBOM) for a Rust component.
Language: Python - Size: 43 KB - Last synced at: 10 days ago - Pushed at: 4 months ago - Stars: 5 - Forks: 1

SamuraiAku/SPDX.jl
Provides for the creation, reading and writing of SPDX files in multiple file formats. Written in pure Julia.
Language: Julia - Size: 250 KB - Last synced at: 22 days ago - Pushed at: 11 months ago - Stars: 5 - Forks: 1

reversinglabs/rl-scanner
ReversingLabs rl-scanner Docker image
Language: Python - Size: 157 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 4 - Forks: 0

mtsfoni/cdx-enrich
Enriches CycloneDX Software Bills of Materials (SBOM) with predefined data
Language: C# - Size: 43.9 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 4 - Forks: 1

jotterson/sbom-validator
Use SBOM metadata to validate release integrity.
Language: Python - Size: 593 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 4 - Forks: 0

whitespots/boomer
Tiny BOM generator for your CI
Language: Python - Size: 51.8 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 3 - Forks: 0

FiniteStateInc/finite-state-sdk-python
Python SDK for the Finite State Platform API
Language: Python - Size: 1.66 MB - Last synced at: about 5 hours ago - Pushed at: 3 months ago - Stars: 3 - Forks: 1

PowerCommands/SecTools
PainKiller Security Tools
Language: C# - Size: 361 KB - Last synced at: 21 days ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 1

codenotary/sbom.sh-container
Dockerfile and scripts to build a container image that facilitates generating and uploading Software Bill of Materials (SBOM) to sbom.sh utilizing various open-source SBOM tools such as Trivy, Grype, and Syft.
Language: Shell - Size: 8.79 KB - Last synced at: 7 days ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 0

nexB/turbo-spdx
Fast and lightweight Python library for parsing and writing SPDX JSON documents correctly.
Language: Python - Size: 183 KB - Last synced at: 10 months ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 1

nightlark/anchore-syft-wheel
Python wheels for installing Anchore's Syft tool for generating a Software Bill of Materials
Language: CMake - Size: 82 KB - Last synced at: 21 days ago - Pushed at: 21 days ago - Stars: 1 - Forks: 1

shiftleftcyber/ShiftSBOMGen
A pure client-side Software Bill of Materials (SBOM) generator for various project types. Supports CycloneDX & SPDX.
Language: Makefile - Size: 19.5 KB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

Zheng-Bote/header_docu_qt
header_docu - file header parser for SBOM SPDX/CycloneDX
Language: C++ - Size: 80.1 KB - Last synced at: 2 days ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

CycloneDX/gh-cocoapods-generate-sbom
GitHub action to generate a CycloneDX SBOM for Swift and Objective-C projects that use CocoaPods.
Size: 7.81 KB - Last synced at: about 2 months ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 2

veracode/srcclr_sbom_gen (fork of srcclr/srcclr_sbom_gen)
Generates a Software Bill of Materials in CycloneDX JSON Format from Veracode SCA Agent results.
Language: Python - Size: 8.79 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 1

giterlizzi/perl-SBOM-CycloneDX
CycloneDX library for Perl
Language: Perl - Size: 479 KB - Last synced at: 6 days ago - Pushed at: 21 days ago - Stars: 0 - Forks: 0

sbom-observer/build-observer
build-observer is a tool to observe the build process of a project and create a log of all files that are read, written or executed during the build.
Language: Go - Size: 10.5 MB - Last synced at: 28 days ago - Pushed at: 28 days ago - Stars: 0 - Forks: 0

giterlizzi/perl-App-CPAN-SBOM
SBOM (Software Bill of Materials) for CPAN
Language: Perl - Size: 12.7 KB - Last synced at: 6 days ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

DockForge/SBOMinify
SBOMinify is a GitHub Action to capture and list installed packages and their versions in a Docker image, generating Software Bill of Materials (SBOM) files. This action leverages some special techniques to scan Docker images and output SBOM files in both table and JSON formats.
Language: Shell - Size: 2.23 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

CycloneDX/gh-php-composer-generate-sbom
GitHub action to generate a CycloneDX SBOM for PHP Composer
Language: JavaScript - Size: 147 KB - Last synced at: 6 days ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

engelmi/sbom4rpm
SBOM4RPMs analyzes the runtime dependencies of RPMS and outputs SBOMs in SPDX or CycloneDX format
Language: Python - Size: 200 KB - Last synced at: about 2 months ago - Pushed at: 12 months ago - Stars: 0 - Forks: 1

dj-wasabi/versiondb
SBOM generator and storage for versions of artifacts
Language: Python - Size: 85.9 KB - Last synced at: 15 days ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

bcgov/nr-sbom-generator
This script generates SBOMs for repositories under bcgov whose names start with "nr-". It is based on manual input of public code YAML and on scraping the bcgov repositories starting with "nr-" for dependencies.
Language: JavaScript - Size: 13.7 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0
