CycloneDX / cyclonedx-node-module

Licence: Apache-2.0 license
Creates CycloneDX Software Bill of Materials (SBOM) from node-based projects

Projects that are alternatives of or similar to cyclonedx-node-module

cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-80.77%)
Mutual labels:  bom, software-bill-of-materials, sbom, cyclonedx
cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (-0.96%)
Mutual labels:  bom, software-bill-of-materials, sbom, cyclonedx
cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (+5.77%)
Mutual labels:  bom, software-bill-of-materials, sbom, cyclonedx
cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (+48.08%)
Mutual labels:  bom, software-bill-of-materials, sbom, cyclonedx
cyclonedx-python
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (-25%)
Mutual labels:  bom, software-bill-of-materials, sbom, cyclonedx
specification
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (+24.04%)
Mutual labels:  bom, software-bill-of-materials, sbom, cyclonedx
cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-74.04%)
Mutual labels:  bom, software-bill-of-materials, sbom
cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
Stars: ✭ 75 (-27.88%)
Mutual labels:  bom, sbom, cyclonedx
awesome-sbom
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Stars: ✭ 164 (+57.69%)
Mutual labels:  software-bill-of-materials, sbom
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+232.69%)
Mutual labels:  sbom, cyclonedx
php-qa-tools
A metapackage for all PHP quality assurance tools we use at Dealerdirect
Stars: ✭ 36 (-65.38%)
Mutual labels:  metapackage, meta-package
JavaScript-Bootcamp
Complete Documentation For JavaScript Bootcamp Course By Osama Elzero.
Stars: ✭ 27 (-74.04%)
Mutual labels:  bom
UnicodeBOMInputStream
Doing things right, in the name of Sun / Oracle
Stars: ✭ 36 (-65.38%)
Mutual labels:  bom
osxbom
A reimplementation of lsbom
Stars: ✭ 24 (-76.92%)
Mutual labels:  bom
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+1112.5%)
Mutual labels:  sbom
nx-desktop
Meta package for Nitrux to install NX Desktop.
Stars: ✭ 19 (-81.73%)
Mutual labels:  metapackage
bom-radar-card
A rain radar card using the new tiled images from the Australian BOM
Stars: ✭ 52 (-50%)
Mutual labels:  bom
utfbom
Detection of the BOM and removing as necessary
Stars: ✭ 87 (-16.35%)
Mutual labels:  bom
KiCost
Build cost spreadsheet for a KiCad project.
Stars: ✭ 376 (+261.54%)
Mutual labels:  bom
scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Stars: ✭ 66 (-36.54%)
Mutual labels:  cyclonedx



CycloneDX BOM

This is a so-called meta-package: it ships no functionality of its own and is only a collection of optional dependencies. These dependencies are tools with one purpose in common:
generating CycloneDX Software Bill-of-Materials (SBOM) from node-based projects.

ecosystem    actual tool
npm          @cyclonedx/cyclonedx-npm
yarn         to be announced
pnpm         to be announced

You should not depend on this meta-package itself; instead, depend on the actual tool that suits your specific ecosystem.

Out of Scope

Some ecosystems are not node-based but use node as a runtime/compiler environment.
These ecosystems are out of scope. Therefore, the following packages are not part of this meta-package.

ecosystem    actual tool
webpack      @cyclonedx/webpack-plugin
Angular      @cyclonedx/webpack-plugin
React        @cyclonedx/webpack-plugin
Parcel       to be announced

Library

If you are looking for a JavaScript/TypeScript library for working with CycloneDX, its data models or serialization, then you might want to try @cyclonedx/cyclonedx-library.

Contributing

Do you want a certain node-based tool added?
Feel free to open issues, bug reports or pull requests.
See the CONTRIBUTING file for details.

Copyright & License

CycloneDX Node Module is Copyright (c) OWASP Foundation. All Rights Reserved.

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license.
See the LICENSE file for the full license.


Previous versions

This project used to be a tool-set and a library for working with and generating CycloneDX Software Bill-of-Materials (SBOM) from npm and yarn based projects.
Since version 4.0, this was all split into individual projects, and this project changed to a bare meta-package.

Previous versions of this package are still available via npmjs versions and GitHub releases.
