Open Hub
Black Duck Open Hub

Tags : Browse Projects

Select a tag to browse associated projects and drill deeper into the tag cloud.

OWASP Dependency-Track

Compare

Claimed by Open Web Application Securi... Analyzed about 16 hours ago

Dependency-Track is a continuous SBOM analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track support SBOM, SaaSBOM, HBOM, VDR, and VEX in the OWASP CycloneDX format.

549K lines of code

8 current contributors

1 day since last commit

0 users on Open Hub

Very High Activity
0.0
 
0 Reviews
I Use This
Mostly written in Java
Licenses: gpl3_or_l...
Tags cicd CycloneDX devops devsecops EO14028 HBOM inventory SaaSBOM SBOM security securityscanner SPDX 3 more...

spdxtra

Compare

  Analyzed about 17 hours ago

A new Java-based SPDX generation, analysis, and conversion framework. Unlike other SPDX generation tools, SpdXtra trades in high levels of abstraction for performance and scalability.

3K lines of code

0 current contributors

almost 8 years since last commit

0 users on Open Hub

Inactive
5.0
 
0 Reviews
I Use This
Mostly written in Java
Licenses: apache_2
Tags BOM SPDX

reuse-tool

Compare

  Analyzed about 4 hours ago

reuse is a tool for compliance with the REUSE recommendations.

7.47K lines of code

0 current contributors

19 days since last commit

0 users on Open Hub

Moderate Activity
0.0
 
0 Reviews
I Use This
Mostly written in Python
Licenses: gpl-3
Tags licenses SPDX

OWASP CycloneDX

Compare

  Analyzed 1 day ago

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction.

2.53M lines of code

0 current contributors

2 days since last commit

0 users on Open Hub

Very High Activity
0.0
 
0 Reviews
I Use This
Mostly written in JavaScript
Licenses: No declared licenses
Tags AI-BOM appsec Attestations CBOM CMDB EO14028 HBOM license MBOM ML-BOM OWASP SaaSBOM 7 more...