software-bill-of-materials

There are 6 repositories under software-bill-of-materials topic.

• XmirrorSecurity / OpenSCA-cli

  OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

  scadevsecopssecuritysbomsoftware-bill-of-materialssoftware-composition-analysissoftware-supply-chainsoftware-supply-chain-securitystatic-analysisvulnerabilitieslicense-compliancecyclonedxspdxswid
  Language:Go 1061
• cdxgen

  CycloneDX / cdxgen

  Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server

  bomcbomcontainerscyclonedxdockerociowasppackage-urlpurlsaasbomsbomscasoftware-bill-of-materialssupply-chain
  Language:JavaScript 785

• awesomeSBOM / awesome-sbom

  A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

  awesomeawesome-reposawesome-sbomsbomsbom-examplessbom-generatorsoftware-bill-of-materials
  539

• microsoft / component-detection

  Scans your project to determine what components you use

  static-analysisdependenciespackage-managementsoftware-composition-analysissbomsoftware-bill-of-materials
  Language:C# 502
• specification

  CycloneDX / specification

  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX

  bill-of-materialsbomsoftwarespdxcpelicensesoftware-bill-of-materialssbomcyclonedxswidowaspsupply-chainstandardspecificationsaasbomvexmbommachine-learningcbomtc54
  Language:XSLT 425
• cyclonedx-cli

  CycloneDX / cyclonedx-cli

  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

  bombill-of-materialssoftware-bill-of-materialspurlpackage-urlsbomcyclonedxspdxowaspsbom-generatorobommbomsaasbomvexhacktoberfest
  Language:C# 402

• spdx / spdx-spec

  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.

  bill-of-materialslicenseslinux-foundationsbomsoftware-bill-of-materialssoftware-package-data-exchangesoftware-transparencyspdxspdx-sbomspecification
  Language:Python 341
• cyclonedx-maven-plugin

  CycloneDX / cyclonedx-maven-plugin

  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

  bill-of-materialsbomcyclonedxmavenmaven-pluginmbomobomowasppackage-urlpurlsaasbomsbomsbom-generatorsoftware-bill-of-materialsspdxvex
  Language:Java 332
• cyclonedx-python

  CycloneDX / cyclonedx-python

  CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

  pythonpipbomsbomspdxbill-of-materialssoftware-bill-of-materialspackage-urlpurlcyclonedxowaspsbom-generatorpython3poetrycondarequirementsenvironmentsbom-toolhacktoberfest
  Language:Python 325
• cyclonedx-dotnet

  CycloneDX / cyclonedx-dotnet

  Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

  bomspdxdotnetdotnet-corebill-of-materialssoftware-bill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorhacktoberfestobommbomsaasbomvex
  Language:C# 236
• bom-examples

  CycloneDX / bom-examples

  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

  cyclonedxsoftware-bill-of-materialssbombombill-of-materialsowaspsbom-examplesobommbomvexsaasbom
  202
• cyclonedx-gradle-plugin

  CycloneDX / cyclonedx-gradle-plugin

  Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects

  bill-of-materialsbomcyclonedxgradlegradle-pluginowasppackage-urlpurlsbomsbom-generatorsoftware-bill-of-materialsspdx
  Language:Java 199

• tiiuae / sbomnix

  A suite of utilities to help with software supply chain challenges on nix targets

  cyclonedxnixsbomsbom-generatorsbom-toolpythonbill-of-materialscpedependenciespurlsoftware-bill-of-materialssecurityspdx-sbomstatic-analysisvulnerability-scannerssoftware-supply-chainsoftware-supply-chain-security
  Language:Python 198
• cyclonedx-gomod

  CycloneDX / cyclonedx-gomod

  Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

  bill-of-materialsbomsoftware-bill-of-materialssbomgolanggo-modulesowaspsbom-generatorobommbomsaasbomvex
  Language:Go 162
• cyclonedx-rust-cargo

  CycloneDX / cyclonedx-rust-cargo

  Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

  bomspdxrustcargocargo-pluginbill-of-materialssoftware-bill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorobommbomsaasbomvex
  Language:Rust 142
• cyclonedx-node-module

  CycloneDX / cyclonedx-node-module

  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects

  cyclonedxmeta-packagemetapackagebomnodenodejssbomsoftware-bill-of-materialsdependency-graphsbom-generatorsbom-tool
  134
• sbom-utility

  CycloneDX / sbom-utility

  Utility that provides an API platform for validating, querying and managing BOM data

  sbombomcyclonedxsbom-toolspdxspdx-sbomvexspdx-licensebill-of-materialshacktoberfestmbomobomowasppackage-urlpurlsaasbomsoftware-bill-of-materialsvdrsbom-quality
  Language:Go 119
• cyclonedx-node-npm

  CycloneDX / cyclonedx-node-npm

  Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

  bill-of-materialsbomcyclonedxnodenodejsnpmsbomsbom-generatorsoftware-bill-of-materialsdependency-graphsbom-toolowasphacktoberfest
  Language:JavaScript 99
• cyclonedx-core-java

  CycloneDX / cyclonedx-core-java

  CycloneDX SBOM Model and Utils for Creating and Validating BOMs

  bomspdxbill-of-materialssoftware-bill-of-materialspackage-urlpurlsbomcyclonedxowaspobommbomsaasbomvexlibrary
  Language:Java 96
• cyclonedx-go

  CycloneDX / cyclonedx-go

  Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)

  bombill-of-materialssbomsoftware-bill-of-materialsgolangowaspobommbomsaasbomvexlibrary
  Language:Go 94

• spdx / spdx-3-model

  The model for the information captured in SPDX version 3 standard.

  bill-of-materialslinux-foundationontologysbomsoftware-bill-of-materialssoftware-package-data-exchangesoftware-transparencyspdxspdx-sbom
  93
• cyclonedx-python-lib

  CycloneDX / cyclonedx-python-lib

  Python implementation of OWASP CycloneDX

  pythonowaspbomspdxbill-of-materialssoftware-bill-of-materialspurlpackage-urlsbomcyclonedxobommbomsaasbomvexsoftware-libraryattestationcbomlibraryhacktoberfest
  Language:Python 85
• transparency-exchange-api

  CycloneDX / transparency-exchange-api

  A standard API specification for exchanging supply chain artifacts and intelligence

  api-specbill-of-materialsbomcyclonedxowaspsbomsbom-distributionsoftware-bill-of-materialsspecificationtc54
  Language:Shell 84

• intelops / compage

  Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, openAPI, cloudevents, etc. Auto generate code after defining requirements in UI as diagram.

  backend-servicescode-generationcontainerizationcontainersgraphqlgrpclow-codemicroservicessbom-generatorsoftware-bill-of-materialssoftware-supply-chain-securitywebassemblyrest-apigolangrustserverlesscosignvisual-applicationsno-codehacktoberfest
  Language:Go 84

• nikstur / bombon

  Nix CycloneDX Software Bills of Materials (SBOMs)

  cyclonedxnixnixossbombill-of-materialsbomsoftware-bill-of-materialslicensesbom-generatorcomponentsdependenciespurlspdx
  Language:Rust 78
• cyclonedx-bom-repo-server

  CycloneDX / cyclonedx-bom-repo-server

  A BOM repository server for distributing CycloneDX BOMs

  bombill-of-materialssoftware-bill-of-materialssbomcyclonedxsbom-distributionsbom-repositoryowaspobommbomsaasbomvex
  Language:C# 77
• cyclonedx-php-composer

  CycloneDX / cyclonedx-php-composer

  Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

  bomspdxphpcomposer-pluginbill-of-materialssoftware-bill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorcomposerdependency-graphsbom-toolhacktoberfest
  Language:PHP 73

• opossum-tool / OpossumUI

  A light-weight app to audit and inventory large codebases for open source license compliance.

  spdxpackage-dependencyremediationlicense-scancopyright-scansoftware-composition-analysiscodescanoss-compliancesoftware-bill-of-materials
  Language:TypeScript 63

• goreleaser / example-supply-chain

  Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations

  goreleasergolanggosupply-chaincosignsigningsigstoresoftware-bill-of-materialssbomsyftattestationsslsaslsa-provenance
  Language:Go 58
• cyclonedx-linux-generator

  CycloneDX / cyclonedx-linux-generator

  Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions

  bill-of-materialsbomcyclonedxlinuxowaspsbomsbom-generatorsoftware-bill-of-materials
  Language:Java 49
• Sunshine

  CycloneDX / Sunshine

  Sunshine - SBOM visualization tool

  bill-of-materialsbomcyclonedxowaspsbomsoftware-bill-of-materials
  Language:HTML 40
• cyclonedx-web-tool

  CycloneDX / cyclonedx-web-tool

  A web based tool for working with CycloneDX BOMs

  bombill-of-materialssoftware-bill-of-materialspurlpackage-urlsbomcyclonedxowaspobommbomsaasbomvex
  Language:HTML 39
• cyclonedx-ruby-gem

  CycloneDX / cyclonedx-ruby-gem

  Creates CycloneDX Software Bill of Materials (SBOM) from Ruby projects

  bomspdxrubygembundlerbill-of-materialssoftware-bill-of-materialspackage-urlpurlsbomcyclonedxowaspsbom-generatorobommbomsaasbomvex
  Language:Ruby 30

• DEMCON / cmake-sbom

  Guided SBOM generation from CMake

  cmakesbomsbom-generatorsoftware-bill-of-materialsspdx
  Language:CMake 30
• Surfactant

  LLNL / Surfactant

  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs

  cyclonedxdependenciesdependency-analysisdependency-graphpythonpython3sbomsbom-generatorsoftware-bill-of-materialssoftware-composition-analysisspdxstatic-analysistoolhacktoberfest
  Language:Python 28
• cyclonedx-webpack-plugin

  CycloneDX / cyclonedx-webpack-plugin

  Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.

  bomspdxbill-of-materialssoftware-bill-of-materialspackage-urlpurlsbomcyclonedxwebpack-pluginwebpackowaspsbom-generatormbomjavascriptsbom-toolhacktoberfest
  Language:JavaScript 27