Analyzed
about 19 hours
ago.
based on code collected
about 19 hours
ago.
Project Summary
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
In a Nutshell, syft...
- ...
- ...
-
...
has a codebase with a long source history
maintained by a very large development team
with increasing Y-O-Y commits -
...
took an estimated 35 years of effort (COCOMO model)
starting with its first commit in May, 2020
ending with its most recent commit about 19 hours ago
Quick Reference
https://github.com/anchore/syft
Apache License 2.0
Permitted
Commercial Use
Modify
Distribute
Place Warranty
Sub-License
Private Use
Use Patent Claims
Forbidden
Hold Liable
Use Trademarks
Required
Include Copyright
State Changes
Include License
Include Notice
These details are provided for information only. No information here is legal advice and should not be used as such.
Project Security
Vulnerabilities per Version ( last 10 releases )
There are no reported vulnerabilities
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
65% of companies leverage OSS to speed application development in 2016
-
...
by exploring contributors within projects, you can view details on every commit they have made to that project
-
...
in 2016, 47% of companies did not have formal process in place to track OS code
-
...
data presented on the Open Hub is available through our API
30 Day SummaryApr 28 2024 — May 28 2024
|
12 Month SummaryMay 28 2023 — May 28 2024
|
