OpenChain Specification
-
Updated
Jul 3, 2017 - JavaScript
OpenChain Specification
📝 Detect what license a project is distributed under
Check a GitHub organization's repositories' license choices
Cool links, tools & papers related to Open Source Licensing
A compilation of resources in the software supply chain security domain, with emphasis on open source
DeltaCode: compare two codebase scans (from ScanCode) to detect significant changes.
project barista - open source license and vulnerability management
Curated list of security tools
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Secure Software Supply Chain Lifecycle in Cybersecurity.
📊 ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles
bitbake layer repository for intergrating osselot into the build process
A light-weight app to audit and inventory large codebases for open source license compliance.
See who wrote each line of code in your git repository with interactive reports.
A desktop workbench for OSS Review Toolkit result files.
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
Add a description, image, and links to the oss-compliance topic page so that developers can more easily learn about it.
To associate your repository with the oss-compliance topic, visit your repo's landing page and select "manage topics."