arybak
Experienced Technology Professional Specializing in Open Source IP & Security Management/Compliance | SCA | OSPO | Open Chain | SBOM | SW Supply Chain Security
@flexera California
arybak's Stars
CycloneDX/transparency-exchange-api
A standard API specification for exchanging supply chain artifacts and intelligence
spdx/ntia-conformance-checker
Check SPDX SBOM for NTIA minimum elements
flexera-public/sca-codeinsight-reports-spdx
Code Insight SPDX report
flexera-public/sca-codeinsight-reports-cyclonedx
flexera-public/sca-codeinsight-reports-third-party-notices
The sca-codeinsight-reports-third-party-notices repository is a report for Revenera's Code Insight product. This report allows a user to generate a Third Party Notices report to satisfy the attribution requirement of open source licenses. This report will automatically include licenses with attribution data where available.
flexera-public/sca-codeinsight-reports-project-sbom
OpenChain-Project/Reference-Material
This repository contains the reference material related to the OpenChain Project
org-metaeffekt/metaeffekt-universe
Project providing insights on the metaeffekt license database.
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
flexera-public/sca-codeinsight-utilities-inventory-search
Code Insight v7 Inventory Keyword Search Script
microsoft/scim
Supply Chain Integrity Model
ibrahimhaddad/charts
This repo contains individual open source charts & infographics available for anyone to use / re-use as they wish.
google/licensecheck
The licensecheck package classifies license files and heuristically determines how well they correspond to known open source licenses.
tern-tools/tern
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
flexera-public/sca-codeinsight-workflow-v6
Script that allows users to correlate inventory items in Code Insight v7 with requests in Code Insight v6
IonicaBizau/made-in-brazil
🇧🇷 A list of neat projects made in Brazil.
jeff-luszcz/jeff-luszcz
Jeff Luszcz's GitHub README location
nexB/scancode-toolkit
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and other generous sponsors!
sorrycc/awesome-javascript
🐢 A collection of awesome browser-side JavaScript libraries, resources and shiny things.
jeremylong/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.