ericodonoghue's Stars
HckEX/AutoMetric
Measure OSS Quality Metrics
eclipse/steady
Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
MSUSEL/msusel-pique-sbom-supplychain-sec
interlynk-io/sbomqs
SBOM quality score - Quality metrics for your sboms