Cyclonedx Python Packages

cyclonedx-python-lib

Functionality and DataModels of OWASP CycloneDX for Python

cyclonedx-bom

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

lib4sbom

Library to ingest and generate SBOMs

scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

cyclonedx-py

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

distro2sbom

Generates SBOM files from system packaging information

lib4vex

Library to ingest and generate VEX documents

agent-bom

Open security scanner for AI supply chain and infrastructure: agents, MCP, containers, cloud, GPU, and runtime with blast-radius analysis.

ai-bom

AI Bill of Materials — discover every AI agent, model, and API in your infrastructure

owasp-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

blint

blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.

ds-analysis-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

ds-xbom-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

ds-reporting-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

sbom2doc

Transform SBOM contents into a formatted document including markdown and PDF formats

sbomdiff

This tool compares two Software Bill of Materials (SBOMs) and reports the differences.

aboutcode-pipeline

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

assay-it

CI-native evidence compiler for agent systems: MCP policy enforcement, evidence receipts, Trust Basis claims, and reviewable artifacts.

sbom4python

A tool to generate a SBOM (Software Bill of Materials) for an installed Python module

sbom2dot

Create a dependency graph of the components within a SBOM

appthreat-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

sbom4files

SBOM generator for files within a directory

meta-package-manager

🎁 wraps all package managers with a unifying CLI

aisbom-cli

AI SBOM: AI Software Bill of Materials - The Supply Chain for Artificial Intelligence