purl
There are 47 repositories under purl topic.
DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
nexB/scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
package-url/purl-spec
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
nexB/vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
CycloneDX/cdxgen
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
CycloneDX/cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
CycloneDX/cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
CycloneDX/cyclonedx-python
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
CycloneDX/cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
CycloneDX/cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
tiiuae/sbomnix
A suite of utilities to help with software supply chain challenges on nix targets
nexB/scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
AppThreat/vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
CycloneDX/cyclonedx-rust-cargo
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
CycloneDX/sbom-utility
Utility that provides an API platform for validating, querying and managing BOM data
CycloneDX/cyclonedx-core-java
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
package-url/packageurl-python
Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors.
CycloneDX/cyclonedx-python-lib
Python implementation of OWASP CycloneDX
nikstur/bombon
Nix CycloneDX Software Bills of Materials (SBOMs)
package-url/packageurl-go
Go implementation of the package url spec
CycloneDX/cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
VexStore/fatbom
fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.
nexB/purldb
Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/ Chat is at https://gitter.im/aboutcode-org/discuss
nexB/univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!
CycloneDX/cyclonedx-web-tool
A web based tool for working with CycloneDX BOMs
CycloneDX/cyclonedx-conan
Creates CycloneDX Software Bill of Materials (SBOM) documents for C/C++ projects using Conan
CycloneDX/cyclonedx-webpack-plugin
Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
package-url/packageurl-java
Java/JVM implementation of the package url spec
package-url/packageurl-js
JavaScript implementation of the package url spec
package-url/packageurl-swift
Swift implementation of the package url spec
CycloneDX/cyclonedx-ruby-gem
Creates CycloneDX Software Bill of Materials (SBOM) from Ruby projects
nexB/dejacode
Automate open source license compliance and ensure software supply chain integrity
package-url/packageurl-dotnet
.NET implementation of the package url spec
phylum-dev/purl
Package URL implementation for Rust
louib/nix2sbom
nix2sbom extracts the SBOM (Software Bill of Materials) from a Nix derivation
package-url/packageurl-php
PHP implementation of the package url spec