Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
proxy.golang.org "cyclonedx" keyword
Top 7.7% on proxy.golang.org
12 versions - Latest release: 3 months ago - 66 stars on GitHub
github.com/snyk/parlay v0.4.0
Enrich SBOMs with data from third party services12 versions - Latest release: 3 months ago - 66 stars on GitHub
Top 5.3% on proxy.golang.org
19 versions - Latest release: 6 months ago - 393 stars on GitHub
github.com/devops-kung-fu/bomber v0.4.8 💰
Package main is the entry point for the bomber CLI.19 versions - Latest release: 6 months ago - 393 stars on GitHub
Top 9.1% on proxy.golang.org
47 versions - Latest release: about 1 month ago - 59 stars on GitHub
github.com/cyclonedx/cyclonedx-node-npm v1.18.0 💰
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.47 versions - Latest release: about 1 month ago - 59 stars on GitHub
Top 9.1% on proxy.golang.org
47 versions - Latest release: about 1 month ago - 59 stars on GitHub
github.com/CycloneDX/cyclonedx-node-npm v1.18.0 💰
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.47 versions - Latest release: about 1 month ago - 59 stars on GitHub
Top 7.4% on proxy.golang.org
Latest release: 25 days ago - 1 dependent package - 271 stars on GitHub
github.com/chainloop-dev/chainloop/app/cli
Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, S...Latest release: 25 days ago - 1 dependent package - 271 stars on GitHub
Top 7.4% on proxy.golang.org
Latest release: 25 days ago - 1 dependent package - 271 stars on GitHub
github.com/chainloop-dev/chainloop/app/artifact-cas
Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, S...Latest release: 25 days ago - 1 dependent package - 271 stars on GitHub
Top 7.4% on proxy.golang.org
Latest release: 25 days ago - 1 dependent package - 271 stars on GitHub
github.com/chainloop-dev/chainloop/app/controlplane
Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, S...Latest release: 25 days ago - 1 dependent package - 271 stars on GitHub
Top 8.2% on proxy.golang.org
44 versions - Latest release: about 1 month ago - 25 stars on GitHub
github.com/cyclonedx/cyclonedx-php-composer v5.2.0+incompatible
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects44 versions - Latest release: about 1 month ago - 25 stars on GitHub
Top 9.2% on proxy.golang.org
12 versions - Latest release: about 1 month ago - 54 stars on GitHub
github.com/Cyclonedx/sbom-utility v0.16.0 💰
Utility that provides an API platform for validating, querying and managing BOM data12 versions - Latest release: about 1 month ago - 54 stars on GitHub
Top 8.2% on proxy.golang.org
12 versions - Latest release: about 1 month ago - 17 stars on GitHub
github.com/cyclonedx/sbom-utility v0.16.0
Utility that provides an API platform for validating, querying and managing BOM data12 versions - Latest release: about 1 month ago - 17 stars on GitHub
Top 8.2% on proxy.golang.org
12 versions - Latest release: about 1 month ago - 2 dependent packages - 17 stars on GitHub
github.com/CycloneDX/sbom-utility v0.16.0
Utility that provides an API platform for validating, querying and managing BOM data12 versions - Latest release: about 1 month ago - 2 dependent packages - 17 stars on GitHub
Top 8.2% on proxy.golang.org
2 versions - Latest release: over 4 years ago - 16 stars on GitHub
github.com/ozonru/cyclonedx-go v1.1.0
Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with Depe...2 versions - Latest release: over 4 years ago - 16 stars on GitHub
Top 0.7% on proxy.golang.org
201 versions - Latest release: about 1 month ago - 217 dependent packages - 179 dependent repositories - 3,878 stars on GitHub
github.com/anchore/syft v1.4.1
CLI tool and library for generating a Software Bill of Materials from container images and filesy...201 versions - Latest release: about 1 month ago - 217 dependent packages - 179 dependent repositories - 3,878 stars on GitHub
Top 1.1% on proxy.golang.org
143 versions - Latest release: about 1 month ago - 50 dependent packages - 14 dependent repositories - 5,389 stars on GitHub
github.com/anchore/grype v0.77.4
A vulnerability scanner for container images and filesystems143 versions - Latest release: about 1 month ago - 50 dependent packages - 14 dependent repositories - 5,389 stars on GitHub
Top 6.9% on proxy.golang.org
13 versions - 12 stars on GitHub
github.com/CycloneDX/cyclonedx-node-yarn 💰
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.13 versions - 12 stars on GitHub
Top 6.9% on proxy.golang.org
13 versions - 12 stars on GitHub
github.com/cyclonedx/cyclonedx-node-yarn 💰
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.13 versions - 12 stars on GitHub
Top 8.2% on proxy.golang.org
45 versions - Latest release: 9 months ago - 154 stars on GitHub
github.com/cyclonedx/cyclonedx-cli v0.25.0
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.45 versions - Latest release: 9 months ago - 154 stars on GitHub
Top 8.2% on proxy.golang.org
45 versions - Latest release: 9 months ago - 154 stars on GitHub
github.com/CycloneDX/cyclonedx-cli v0.25.0
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.45 versions - Latest release: 9 months ago - 154 stars on GitHub
Top 8.2% on proxy.golang.org
6 versions - Latest release: about 1 year ago - 9 stars on GitHub
github.com/cyclonedx/gh-gomod-generate-sbom v2.0.0+incompatible
GitHub action to generate a CycloneDX SBOM for Go modules6 versions - Latest release: about 1 year ago - 9 stars on GitHub
Top 8.2% on proxy.golang.org
6 versions - Latest release: about 1 year ago - 9 stars on GitHub
github.com/CycloneDX/gh-gomod-generate-sbom v2.0.0+incompatible
GitHub action to generate a CycloneDX SBOM for Go modules6 versions - Latest release: about 1 year ago - 9 stars on GitHub
Top 9.9% on proxy.golang.org
156 versions - Latest release: about 2 months ago - 577 stars on GitHub
github.com/appthreat/dep-scan v5.3.3+incompatible 💰
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, ...156 versions - Latest release: about 2 months ago - 577 stars on GitHub
github.com/xmirrorsecurity/opensca-cli/v3 v3.0.4
OpenSCA is an open source software supply chain security solution that supports the detection of ...7 versions - Latest release: 5 months ago - 935 stars on GitHub
Top 6.5% on proxy.golang.org
387 versions - Latest release: about 1 month ago - 366 stars on GitHub
github.com/CycloneDX/cdxgen v10.5.1+incompatible 💰
Creates CycloneDX Software Bill of Materials (SBOM) for your projects from source and container i...387 versions - Latest release: about 1 month ago - 366 stars on GitHub
Top 6.5% on proxy.golang.org
387 versions - Latest release: about 1 month ago - 366 stars on GitHub
github.com/cyclonedx/cdxgen v10.5.1+incompatible 💰
Creates CycloneDX Software Bill of Materials (SBOM) for your projects from source and container i...387 versions - Latest release: about 1 month ago - 366 stars on GitHub
Top 8.2% on proxy.golang.org
8 versions - Latest release: almost 2 years ago - 0 stars on GitHub
github.com/djschleen/sbom-release-example v0.0.8
An example project that demonstrates how to automate a release with SBOM generation using Syft8 versions - Latest release: almost 2 years ago - 0 stars on GitHub
Top 8.2% on proxy.golang.org
34 versions - Latest release: about 2 months ago - 38 stars on GitHub
github.com/interlynk-io/sbomqs v0.1.3
SBOM quality score - Quality metrics for your sboms34 versions - Latest release: about 2 months ago - 38 stars on GitHub
Related Keywords
sbom
23
bom
15
spdx
14
software-bill-of-materials
13
bill-of-materials
11
owasp
10
sbom-tool
9
sbom-generator
9
security
8
devsecops
7
package-url
6
purl
6
vex
6
hacktoberfest
5
saasbom
5
containers
5
go
5
node
4
nodejs
4
docker
4
oci
4
compliance
4
supply-chain-security
4
golang
4
sca
4
supply-chain
3
sbom-distribution
3
slsa
3
slsa-provenance
3
static-analysis
3
mbom
3
obom
3
spdx-sbom
3
spdx-license
3
security-tools
3
attestation
3
in-toto
3
license
3
metadata-platform
3
open-source-licensing
3
ospo
3
oss-compliance
3
regulated-industry
3
sbom-discovery
3
github-action
2
gomod
2
yarn-plugin
2
yarn
2
vulnerabilities
2
tool
2
gomodule
2
oss
2
software-composition-analysis
2
supplychain
2
vulnerability-scanners
2
sbom-quality
2
mlbom
2
dependency-graph
2
npm
2
reachability-analysis
1
risk-audit
1
sbom-score
1
github-actions
1
swid
1
security-audit
1
license-compliance
1
tutorial
1
sbom-examples
1
software-supply-chain-security
1
software-supply-chain
1
dependency-audit
1
dependency-analysis
1
cve
1
vulnerability
1
container-image
1
component-analysis
1
vdr
1
php
1
composer-plugin
1
composer
1
syft
1
security-automation
1
snyk
1