CLI tool and library for generating a Software Bill of Materials from container images and filesystems
-
Updated
May 24, 2024 - Go
#
cyclonedx
Here are 122 public repositories matching this topic...
A vulnerability scanner for container images and filesystems
go
docker
golang
security
tool
containers
static-analysis
oci
vulnerability
vex
vulnerabilities
hacktoberfest
container-image
cyclonedx
openvex
-
Updated
May 24, 2024 - Go
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
docker
containers
supply-chain
owasp
bom
oci
sca
software-bill-of-materials
purl
package-url
sbom
cyclonedx
saasbom
mlbom
-
Updated
May 24, 2024 - JavaScript
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
nodejs
node
yarn
bom
bill-of-materials
software-bill-of-materials
sbom
cyclonedx
yarn-plugin
sbom-generator
sbom-tool
-
Updated
May 24, 2024 - JavaScript
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
security
open-source-licensing
compliance
license
spdx
attestation
devsecops
ospo
oss-compliance
sbom
in-toto
cyclonedx
slsa
supply-chain-security
sbom-distribution
slsa-provenance
metadata-platform
sbom-discovery
regulated-industry
-
Updated
May 24, 2024 - Go
A suite of tools to automate software compliance checks.
package-manager
open-source-licensing
dependency-graph
compliance
dependencies
license
spdx
copyright
hacktoberfest
license-management
sca
license-checking
license-scan
package-scan
copyright-scan
ospo
oss-compliance
sbom
cyclonedx
sbom-generator
-
Updated
May 24, 2024 - Kotlin
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
machine-learning
supply-chain
owasp
specification
standard
bom
software
vex
license
spdx
cpe
software-security
swid
bill-of-materials
software-bill-of-materials
sbom
cyclonedx
mbom
saasbom
cbom
-
Updated
May 24, 2024 - XSLT
Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
javascript
json
library
node
typescript
web
xml
owasp
bom
vex
vdr
spdx
bill-of-materials
software-bill-of-materials
sbom
software-library
cyclonedx
obom
mbom
saasbom
-
Updated
May 24, 2024 - TypeScript
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
security
owasp
bom
vulnerabilities
vulndb
appsec
component-analysis
nvd
vulnerability-detection
sca
software-security
security-automation
devsecops
software-composition-analysis
bill-of-materials
ossindex
purl
package-url
sbom
cyclonedx
-
Updated
May 24, 2024 - Java
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
docker
open-source
virtual-machine
vulnerabilities
license
spdx
sca
scancode
software-composition-analysis
purl
package-url
cyclonedx
foss-compliance
-
Updated
May 24, 2024 - Python
SBOM quality score - Quality metrics for your sboms
go
golang
spdx
security-tools
sbom
cyclonedx
devsecops-pipeline
supply-chain-security
sbom-examples
sbom-tool
sbom-quality
sbom-score
sbom-samples
-
Updated
May 24, 2024 - Go
Transform SBOM contents into a formatted document including markdown and PDF formats
-
Updated
May 23, 2024 - Python
Create CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
javascript
webpack
webpack-plugin
owasp
bom
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
cyclonedx
sbom-generator
mbom
sbom-tool
-
Updated
May 23, 2024 - TypeScript
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
nodejs
npm
node
dependency-graph
owasp
bom
bill-of-materials
software-bill-of-materials
sbom
cyclonedx
sbom-generator
sbom-tool
-
Updated
May 23, 2024 - TypeScript
creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
nodejs
node
dependency-graph
bom
metapackage
meta-package
software-bill-of-materials
sbom
cyclonedx
sbom-generator
sbom-tool
-
Updated
May 23, 2024
GitHub app for SBOM creation using cdxgen and upload to Dependency-Track
-
Updated
May 23, 2024 - Java
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
rust
owasp
cargo
bom
vex
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
cargo-plugin
sbom
cyclonedx
sbom-generator
obom
mbom
saasbom
-
Updated
May 23, 2024 - Rust
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
security-audit
containers
dependency-analysis
vex
compliance
cve
sca
vulnerability-scanners
security-tools
devsecops
reachability-analysis
sbom
cyclonedx
supply-chain-security
risk-audit
dependency-audit
-
Updated
May 23, 2024 - Python
Python implementation of OWASP CycloneDX
python
library
owasp
bom
vex
spdx
attestation
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
software-library
cyclonedx
obom
mbom
saasbom
cbom
-
Updated
May 23, 2024 - Python
Improve this page
Add a description, image, and links to the cyclonedx topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cyclonedx topic, visit your repo's landing page and select "manage topics."