Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
proxy.golang.org "spdx" keyword
Top 5.5% on proxy.golang.org
12 versions - Latest release: 4 months ago - 196 stars on GitHub
github.com/kubernetes-sigs/bom v0.6.0
A utility to generate SPDX-compliant Bill of Materials manifests12 versions - Latest release: 4 months ago - 196 stars on GitHub
Top 2.3% on proxy.golang.org
12 versions - Latest release: 4 months ago - 28 dependent packages - 39 dependent repositories - 196 stars on GitHub
sigs.k8s.io/bom v0.6.0
A utility to generate SPDX-compliant Bill of Materials manifests12 versions - Latest release: 4 months ago - 28 dependent packages - 39 dependent repositories - 196 stars on GitHub
Top 0.7% on proxy.golang.org
200 versions - Latest release: 8 days ago - 217 dependent packages - 179 dependent repositories - 3,878 stars on GitHub
github.com/anchore/syft v1.4.1
CLI tool and library for generating a Software Bill of Materials from container images and filesy...200 versions - Latest release: 8 days ago - 217 dependent packages - 179 dependent repositories - 3,878 stars on GitHub
Top 5.2% on proxy.golang.org
Latest release: about 20 hours ago - 227 stars on GitHub
gopkg.in/src-d/go-license-detector.v1
Reliable project licenses detector.Latest release: about 20 hours ago - 227 stars on GitHub
Top 2.0% on proxy.golang.org
3 versions - Latest release: over 4 years ago - 26 dependent packages - 29 dependent repositories - 226 stars on GitHub
gopkg.in/src-d/go-license-detector.v2 v2.0.4
Reliable project licenses detector.3 versions - Latest release: over 4 years ago - 26 dependent packages - 29 dependent repositories - 226 stars on GitHub
Top 8.2% on proxy.golang.org
4 versions - Latest release: about 4 years ago - 227 stars on GitHub
github.com/src-d/go-license-detector/v3 v3.1.0
Reliable project licenses detector.4 versions - Latest release: about 4 years ago - 227 stars on GitHub
Top 2.4% on proxy.golang.org
4 versions - Latest release: about 4 years ago - 9 dependent packages - 5 dependent repositories - 226 stars on GitHub
gopkg.in/src-d/go-license-detector.v3 v3.1.0
Reliable project licenses detector.4 versions - Latest release: about 4 years ago - 9 dependent packages - 5 dependent repositories - 226 stars on GitHub
Top 8.2% on proxy.golang.org
3 versions - Latest release: over 4 years ago - 227 stars on GitHub
github.com/src-d/go-license-detector/v2 v2.0.4
Reliable project licenses detector.3 versions - Latest release: over 4 years ago - 227 stars on GitHub
Top 4.4% on proxy.golang.org
1 version - Latest release: over 5 years ago - 21 dependent packages - 12 dependent repositories - 24 stars on GitHub
github.com/mitchellh/go-spdx v0.1.0
Golang library for listing and looking up licenses using SPDX IDs.1 version - Latest release: over 5 years ago - 21 dependent packages - 12 dependent repositories - 24 stars on GitHub
github.com/xmirrorsecurity/opensca-cli/v3 v3.0.4
OpenSCA is an open source software supply chain security solution that supports the detection of ...7 versions - Latest release: 4 months ago - 935 stars on GitHub
Top 5.3% on proxy.golang.org
19 versions - Latest release: 5 months ago - 393 stars on GitHub
github.com/devops-kung-fu/bomber v0.4.8 💰
Package main is the entry point for the bomber CLI.19 versions - Latest release: 5 months ago - 393 stars on GitHub
Top 9.9% on proxy.golang.org
1 version - Latest release: 5 months ago - 0 stars on GitHub
go.pitz.tech/spdx-fmt v0.0.0-20231214053306-39c2a5effc40
Easily convert spdx.json files into human-readable, markdown files.1 version - Latest release: 5 months ago - 0 stars on GitHub
Top 4.7% on proxy.golang.org
780 versions - Latest release: 4 months ago - 1,135 stars on GitHub
github.com/oss-review-toolkit/ort v0.0.0-20240124214120-d9f27bb61219
A suite of tools to assist with reviewing Open Source Software dependencies.780 versions - Latest release: 4 months ago - 1,135 stars on GitHub
Top 7.9% on proxy.golang.org
6 versions - Latest release: 2 months ago - 42 stars on GitHub
github.com/nexB/license-expression v30.3.0+incompatible
Utility library to parse, normalize and compare License expressions for Python using a boolean l...6 versions - Latest release: 2 months ago - 42 stars on GitHub
Top 7.9% on proxy.golang.org
6 versions - Latest release: 2 months ago - 42 stars on GitHub
github.com/nexb/license-expression v30.3.0+incompatible
Utility library to parse, normalize and compare License expressions for Python using a boolean l...6 versions - Latest release: 2 months ago - 42 stars on GitHub
Top 8.2% on proxy.golang.org
1 version - Latest release: over 5 years ago - 4 stars on GitHub
github.com/joshdk/licensor v0.0.0-20180911150826-8950282717cb
📝 Detect what license a project is distributed under1 version - Latest release: over 5 years ago - 4 stars on GitHub
Top 8.2% on proxy.golang.org
9 versions - Latest release: about 6 years ago - 0 stars on GitHub
github.com/adaptant-labs/licensechecker v1.3.1
licensechecker (lc) a command line application which scans directories and identifies what softwa...9 versions - Latest release: about 6 years ago - 0 stars on GitHub
Top 8.2% on proxy.golang.org
8 versions - Latest release: almost 2 years ago - 0 stars on GitHub
github.com/djschleen/sbom-release-example v0.0.8
An example project that demonstrates how to automate a release with SBOM generation using Syft8 versions - Latest release: almost 2 years ago - 0 stars on GitHub
Top 8.2% on proxy.golang.org
44 versions - Latest release: 8 months ago - 154 stars on GitHub
github.com/CycloneDX/cyclonedx-cli v0.25.0
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.44 versions - Latest release: 8 months ago - 154 stars on GitHub
Top 8.2% on proxy.golang.org
44 versions - Latest release: 8 months ago - 154 stars on GitHub
github.com/cyclonedx/cyclonedx-cli v0.25.0
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.44 versions - Latest release: 8 months ago - 154 stars on GitHub
Top 8.2% on proxy.golang.org
34 versions - Latest release: 23 days ago - 38 stars on GitHub
github.com/interlynk-io/sbomqs v0.1.3
SBOM quality score - Quality metrics for your sboms34 versions - Latest release: 23 days ago - 38 stars on GitHub
Top 9.2% on proxy.golang.org
12 versions - Latest release: 8 days ago - 54 stars on GitHub
github.com/Cyclonedx/sbom-utility v0.16.0 💰
Utility that provides an API platform for validating, querying and managing BOM data12 versions - Latest release: 8 days ago - 54 stars on GitHub
Top 8.2% on proxy.golang.org
12 versions - Latest release: 8 days ago - 2 dependent packages - 17 stars on GitHub
github.com/CycloneDX/sbom-utility v0.16.0
Utility that provides an API platform for validating, querying and managing BOM data12 versions - Latest release: 8 days ago - 2 dependent packages - 17 stars on GitHub
Top 8.2% on proxy.golang.org
12 versions - Latest release: 8 days ago - 17 stars on GitHub
github.com/cyclonedx/sbom-utility v0.16.0
Utility that provides an API platform for validating, querying and managing BOM data12 versions - Latest release: 8 days ago - 17 stars on GitHub
Top 7.4% on proxy.golang.org
4 versions - Latest release: almost 5 years ago - 5 dependent packages - 2 dependent repositories - 3 stars on GitHub
github.com/kyoh86/go-spdx v0.0.4
Package go-spdx The package parses SPDX license expression strings describing license terms.4 versions - Latest release: almost 5 years ago - 5 dependent packages - 2 dependent repositories - 3 stars on GitHub
Top 6.6% on proxy.golang.org
14 versions - Latest release: 7 months ago - 145 stars on GitHub
github.com/spdx/tools-python v0.8.2
A Python library to parse, validate and create SPDX documents.14 versions - Latest release: 7 months ago - 145 stars on GitHub
Top 5.2% on proxy.golang.org
31 versions - Latest release: over 1 year ago - 105 stars on GitHub
github.com/spdx/tools v2.2.8+incompatible
SPDX Tools31 versions - Latest release: over 1 year ago - 105 stars on GitHub
Top 8.2% on proxy.golang.org
44 versions - Latest release: 17 days ago - 25 stars on GitHub
github.com/cyclonedx/cyclonedx-php-composer v5.2.0+incompatible
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects44 versions - Latest release: 17 days ago - 25 stars on GitHub
Top 8.2% on proxy.golang.org
1 version - Latest release: about 6 years ago - 381 stars on GitHub
github.com/spdx/license-list-data v3.1.1+incompatible
Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON1 version - Latest release: about 6 years ago - 381 stars on GitHub
Top 8.2% on proxy.golang.org
9 versions - Latest release: about 6 years ago - 110 stars on GitHub
github.com/boyter/lc v1.3.1
licensechecker (lc) a command line application which scans directories and identifies what softwa...9 versions - Latest release: about 6 years ago - 110 stars on GitHub
github.com/Azure/obom v0.0.4
Copyright © 2023 Microsoft Permission is hereby granted, free of charge, to any person obtaining...4 versions - Latest release: 8 months ago - 4 stars on GitHub
Top 8.2% on proxy.golang.org
1 version - Latest release: over 5 years ago - 4 stars on GitHub
github.com/joshdk/license v0.0.0-20180911150826-8950282717cb
📝 Detect what license a project is distributed under1 version - Latest release: over 5 years ago - 4 stars on GitHub
github.com/azure/obom v0.0.4
Inspect and push SBOMs (such as SPDX documents) to an OCI registry as an OCI artifact4 versions - Latest release: 8 months ago - 4 stars on GitHub
Top 8.2% on proxy.golang.org
28 versions - Latest release: 10 months ago - 834 stars on GitHub
github.com/tern-tools/tern v2.12.1+incompatible
Tern is a software composition analysis tool and Python library that generates a Software Bill of...28 versions - Latest release: 10 months ago - 834 stars on GitHub
Top 9.5% on proxy.golang.org
1 version - Latest release: about 4 years ago - 1 stars on GitHub
github.com/dephell/dephell_licenses v0.0.0-20200515124647-0383ebec387c
Get info about OSS licenses1 version - Latest release: about 4 years ago - 1 stars on GitHub
Top 9.1% on proxy.golang.org
3 versions - Latest release: 4 months ago - 1 stars on GitHub
github.com/demcon/cmake-sbom v1.1.1
Guided SBOM generation from CMake3 versions - Latest release: 4 months ago - 1 stars on GitHub
Top 9.1% on proxy.golang.org
3 versions - Latest release: 4 months ago - 1 stars on GitHub
github.com/DEMCON/cmake-sbom v1.1.1
Guided SBOM generation from CMake3 versions - Latest release: 4 months ago - 1 stars on GitHub
Related Keywords
sbom
19
spdx-license
13
license-management
12
cyclonedx
11
golang
9
license-scan
9
bom
8
software-bill-of-materials
7
spdx-licenses
6
sbom-generator
6
go
6
vex
5
license
5
licenses
5
oss-compliance
4
license-checking
4
spdx-sbom
4
compliance
4
oss
4
licensing
4
python
4
bill-of-materials
4
owasp
4
package-url
4
purl
4
sbom-tool
4
hacktoberfest
4
obom
3
mbom
3
security
3
devsecops
3
saasbom
3
oci
3
dependencies
2
cmake
2
sbom-quality
2
open-source-licensing
2
boolean-expression
2
license-expression
2
kubernetes
2
containers
2
docker
2
static-analysis
2
tool
2
software-composition-analysis
2
gomodule
2
supplychain
2
ospo
1
vdr
1
library
1
parsing
1
rdf
1
composer
1
composer-plugin
1
php
1
html-format
1
json
1
rdfa
1
classifier
1
cli
1
command-line-tool
1
commandline
1
licensechecker
1
metadata-extraction
1
open-source
1
risk-management
1
supply-chain-security
1
dephell
1
pypi
1
copyright-scan
1
package-manager
1
package-scan
1
provenance
1
supply-chain
1
security-tools
1
security-automation
1
syft
1
vulnerabilities
1
github-actions
1
tutorial
1
swid
1
software-supply-chain-security
1
software-supply-chain
1
open-chain-project
1
sca
1
license-compliance
1
vulnerability-scanners
1
copyright
1
sbom-examples
1
foss
1
sbom-score
1
dependency-graph
1