Cross-check a license file in JSON format with licenses in actual files

A python script to classify installed packages licenses

📓 A python CLI tool to extract a software bill of materials and license info from a vcpkg manifest.

This repo contains various tools for interacting with DBoM

A tool to map strings to SPDX licenses names or IDs.

Support a continuous integration (CI) generation of SPDX files by creating a plugins or extensions to build tools. These plugins or extensions will generate valid SPDX documents based on the build file metadata and source files.

Fast and lightweight Python library for parsing and writing SPDX JSON documents correctly.

examining open source licenses that are 'functionally' equivalent

A Python package to find license expressions and copyright statements in a codebase.

A utility to add and maintain SPDX compliant license headers to all types of files

A Python library to parse, validate and create SPDX documents. Website: https://spdx.dev

Experimental SPDX baseline validator.

AI BOM example. A simple sentiment analysis application, published solely as an artifact for the purpose of demonstrating a software bill of materials. Not recommended for critical text classification tasks.

Get info about OSS licenses

Determine the technical debt for a Software Bill of Materials (SBOM)

SPDX License check via CI/CLI with expandable dict

Software Bill of Materials

Parse sbom files (or archives) for vulnerabilities

Fast and lightweight Python library for parsing and writing SPDX JSON documents correctly.

Libraries developed by Integrated Computer Solutions (ICS) for handling Software Bill of Materials (SBoM) documentaion.