purl
There are 64 repositories under purl topic.
DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
aboutcode-org/scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
package-url/purl-spec
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
CycloneDX/cdxgen
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server
aboutcode-org/vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
CycloneDX/cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
CycloneDX/cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
CycloneDX/cyclonedx-python
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
aboutcode-org/aboutcode
AboutCode project: tools and data to uncover things about code: the provenance, origin, license, and more (packages, security, quality, etc.) of FOSS code. Get started at https://aboutcode.readthedocs.io/
CycloneDX/cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
tiiuae/sbomnix
A suite of utilities to help with software supply chain challenges on nix targets
CycloneDX/cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
aboutcode-org/scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
CycloneDX/cyclonedx-rust-cargo
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
AppThreat/vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers.
CycloneDX/sbom-utility
Utility that provides an API platform for validating, querying and managing BOM data
nikstur/bombon
Nix CycloneDX Software Bills of Materials (SBOMs)
CycloneDX/cyclonedx-core-java
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
CycloneDX/cyclonedx-python-lib
Python implementation of OWASP CycloneDX
package-url/packageurl-python
Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors.
CycloneDX/cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
package-url/packageurl-go
Go implementation of the package url spec
aboutcode-org/purldb
Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/ Chat is at https://gitter.im/aboutcode-org/discuss
kube-security/orca
This repository contains the container image scanning tool ORCA
package-url/packageurl-java
Java/JVM implementation of the package url spec
CycloneDX/cyclonedx-web-tool
A web based tool for working with CycloneDX BOMs
aboutcode-org/univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!
aboutcode-org/dejacode
Automate open source license compliance and ensure software supply chain integrity
VexStore/fatbom
fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.
CycloneDX/cyclonedx-ruby-gem
Creates CycloneDX Software Bill of Materials (SBOM) from Ruby projects
package-url/packageurl-js
JavaScript implementation of the package url spec
CycloneDX/cyclonedx-webpack-plugin
Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
CycloneDX/cyclonedx-conan
Creates CycloneDX Software Bill of Materials (SBOM) documents for C/C++ projects using Conan
package-url/packageurl-swift
Swift implementation of the package url spec
package-url/packageurl-dotnet
.NET implementation of the package url spec
louib/nix2sbom
nix2sbom extracts the CycloneDX and SPDX SBOM (Software Bill of Materials) from a Nix derivation