oss-compliance
There are 2 repositories under oss-compliance topic.
nexB / scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
Language:Python 1971- ort
oss-review-toolkit / ort
A suite of tools to automate software compliance checks.
Language:Kotlin 1474 tern-tools / tern
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Language:Python 931chainloop-dev / chainloop
Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, SARIF files, QA reports, and more.
Language:Go 305bureado / awesome-software-supply-chain-security
A compilation of resources in the software supply chain security domain, with emphasis on open source
reproducible-buildssupply-chain-securitydevsecopsvulnerability-scanningsecurity-vulnerabilityvulnerability-managementsupply-chain-attackssbompackage-managementdependency-managementstatic-analysissoftware-composition-analysisoss-compliancesoftware-supply-chainsoftware-supply-chain-securitydependenciescve-scanningattestationawesome-list:bar_chart: ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.
Language:TypeScript 144Open-Source-Compliance / Sharing-creates-value
This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles
Language:Rich Text Format 81- baristaLanguage:TypeScript 73
opossum-tool / OpossumUI
A light-weight app to audit and inventory large codebases for open source license compliance.
Language:TypeScript 55CodeScoring / awesome-open-source-licensing
Cool links, tools & papers related to Open Source Licensing
- package-analysis
This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant artifacts, which might be of value for others
Language:Python 34 A desktop workbench for OSS Review Toolkit result files.
Language:Kotlin 24DeltaCode: compare two codebase scans (from ScanCode) to detect significant changes.
Language:Python 19- Language:Rust 5
iris-GmbH / meta-osselot
bitbake layer repository for intergrating osselot into the build process
Language:BitBake 5- Language:Shell 4
paulveillard / cybersecurity-secure-software-supplychain-lifecyle
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Secure Software Supply Chain Lifecycle in Cybersecurity.
- git-authorship
thehale / git-authorship
See who wrote each line of code in your git repository with interactive reports.
Language:Python 2 Richardsonjordan92 / webapp2.0
Webapp for custom data usage
freight-trust / legal
Legal Notifications, EULAs, ToS, GDPR, Software License Assessments and SPDX Licenses that we use
Language:Roffjeremiah / Fossology-Docker-Deploy-Scripts
Deploy scripts for FOSSology Docker container
Language:Shelltsteenbe / openchain-spec
OpenChain Specification
Language:JavaScriptWileyLabs / license-me-maybe
Check a GitHub organization's repositories' license choices
Language:HTML
