stevespringett

Highlights

  • Pro

Organizations

@OWASP @CycloneDX @package-url @DependencyTrack @Ecma-TC54

Pinned

  1. DependencyTrack/dependency-track Public

    Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

    Java 2.3k 507

  2. CycloneDX/specification Public

    OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, an…

    XSLT 326 55

  3. package-url/purl-spec Public

    A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

    618 144

  4. OWASP/Software-Component-Verification-Standard Public

    Software Component Verification Standard (SCVS)

    Python 131 36

  5. CPE-Parser Public

    A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

    Java 45 15

  6. cvss-calculator Public

    A Java library for calculating CVSSv2, CVSSv3, and CVSSv4 scores and vectors

    Java 33 22