OpenChain Specification
-
Updated
Jul 3, 2017 - JavaScript
OpenChain Specification
📝 Detect what license a project is distributed under
Check a GitHub organization's repositories' license choices
Cool links, tools & papers related to Open Source Licensing
A compilation of resources in the software supply chain security domain, with emphasis on open source
DeltaCode: compare two codebase scans (from ScanCode) to detect significant changes.
project barista - open source license and vulnerability management
Curated list of security tools
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Secure Software Supply Chain Lifecycle in Cybersecurity.
📊 ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles
bitbake layer repository for intergrating osselot into the build process
See who wrote each line of code in your git repository with interactive reports.
A desktop workbench for OSS Review Toolkit result files.
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
A light-weight app to audit and inventory large codebases for open source license compliance.
Add a description, image, and links to the oss-compliance topic page so that developers can more easily learn about it.
To associate your repository with the oss-compliance topic, visit your repo's landing page and select "manage topics."