#

oss-compliance

Here are 23 public repositories matching this topic...

nexB / scancode-toolkit

🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

Updated Apr 30, 2024
Python

ort

oss-review-toolkit / ort

A suite of tools to automate software compliance checks.

Updated Apr 30, 2024
Kotlin

tern-tools / tern

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

python docker open-source tool containers compliance dependencies spdx metadata-extraction risk-management software-composition-analysis oss-compliance sbom supply-chain-security

Updated Mar 12, 2024
Python

chainloop-dev / chainloop

Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, SARIF files, QA reports, and more.

security open-source-licensing compliance license spdx attestation devsecops ospo oss-compliance sbom in-toto cyclonedx slsa supply-chain-security sbom-distribution slsa-provenance metadata-platform sbom-discovery regulated-industry

Updated Apr 30, 2024
Go

bureado / awesome-software-supply-chain-security

A compilation of resources in the software supply chain security domain, with emphasis on open source

static-analysis awesome-list security-vulnerability dependencies vulnerability-management software-supply-chain cve-scanning attestation package-management reproducible-builds devsecops software-composition-analysis vulnerability-scanning dependency-management oss-compliance sbom supply-chain-security supply-chain-attacks software-supply-chain-security

Updated Apr 24, 2023

nexB / scancode-workbench

📊 ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.

scancode oss-compliance software-licensing scancode-workbench

Updated Mar 8, 2024
TypeScript

Open-Source-Compliance / Sharing-creates-value

This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles

oss oss-compliance

Updated Mar 21, 2024
Rich Text Format

barista

Optum / barista

project barista - open source license and vulnerability management

oss license-management license-checking license-scan oss-compliance

Updated Jul 26, 2023
TypeScript

opossum-tool / OpossumUI

A light-weight app to audit and inventory large codebases for open source license compliance.

spdx package-dependency remediation license-scan copyright-scan software-composition-analysis codescan oss-compliance software-bill-of-materials

Updated May 1, 2024
TypeScript

rmkanda / tools

Curated list of security tools

kubernetes security list cloud oss tools osc scanner security-tools devsecops sast dast oss-compliance

Updated Jan 17, 2024

CodeScoring / awesome-open-source-licensing

Cool links, tools & papers related to Open Source Licensing

licensing awesome open-source-licensing awesome-list license license-management license-scan oss-compliance software-licensing

Updated Jan 29, 2022

package-analysis

Open-Source-Compliance / package-analysis

This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant artifacts, which might be of value for others

oss-compliance license-compliance oss-package-analysis license-analysis copyright-analysis

Updated Apr 30, 2024
Python

oss-review-toolkit / ort-workbench

A desktop workbench for OSS Review Toolkit result files.

oss-compliance oss-review-toolkit

Updated Apr 29, 2024
Kotlin

nexB / deltacode

DeltaCode: compare two codebase scans (from ScanCode) to detect significant changes.

scancode oss-compliance software-licensing deltacode

Updated Nov 29, 2023
Python

heriet / hatto

CLI for software license check

license license-checking oss-compliance

Updated Aug 7, 2022
Rust

iris-GmbH / meta-osselot

bitbake layer repository for intergrating osselot into the build process

yocto-layer yocto bitbake oss-compliance license-compliance oss-package-analysis license-analysis copyright-analysis osselot bitbake-layer

Updated Apr 17, 2024
BitBake

joshdk / licensor

📝 Detect what license a project is distributed under

golang oss compliance license spdx spdx-license license-management licenses license-checking license-scan oss-compliance

Updated Sep 11, 2018
Shell

paulveillard / cybersecurity-secure-software-supplychain-lifecyle

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Secure Software Supply Chain Lifecycle in Cybersecurity.

manifest supply-chain provenance vex dependencies scanning cve-scanning attestation devsecops supply-chain-management oss-compliance supply-chain-analytics cve-search sbom supply-chain-security risk-based sbom-generator

Updated Jan 19, 2024

git-authorship

thehale / git-authorship

See who wrote each line of code in your git repository with interactive reports.

git education reporting grading spdx copyright hacktoberfest git-blame oss-compliance

Updated Apr 29, 2024
Python

WileyLabs / license-me-maybe

Check a GitHub organization's repositories' license choices

github vuejs semantic-ui oss-licenses oss-compliance

Updated May 30, 2019
HTML

Improve this page

Add a description, image, and links to the oss-compliance topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the oss-compliance topic, visit your repo's landing page and select "manage topics."