PyRank

Purl Python Packages

Python packages with the GitHub topic purl. Sorted by relevance, with stars and monthly downloads.
package-url
packageurl-python

Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors.

22.2M 88 55
CycloneDX
cyclonedx-python-lib

Functionality and DataModels of OWASP CycloneDX for Python

22.1M 108 63
CycloneDX
cyclonedx-bom

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

1.7M 373 93
aboutcode-org
scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

87K 3K 725
CycloneDX
cyclonedx-py

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

77K 373 93
aboutcode-org
univers

Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!

27K 46 22
appthreat
appthreat-vulnerability-db

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers.

27K 140 22
aboutcode-org
aboutcode-pipeline

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

8K 201 191
aboutcode-org
aboutcode-hashid

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

4K 664 304
aboutcode-org
aboutcode-federated

Federated data utilities

4K 664 304
aboutcode-org
minecode-pipelines

Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Supported by AboutCode, sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ , nexB and other fine supporters. Chat is at https://gitter.im/aboutcode-org/discuss

4K 63 69
aboutcode-org
scancode-toolkit-mini

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

4K 3K 725
aboutcode-org
scancodeio

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

3K 201 191
OpenRailAssociation
purl-tools

A small library that supports with various tasks around Package URLs

3K 3 2
nexB
vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

2K 665 304
CycloneDX
cyclonedx-conan

Creates CycloneDX Software Bill of Materials (SBOM) documents for C/C++ projects using Conan

2K 27 14
nexB
licensedcode-index

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

2K 3K 726
aboutcode-org
aboutcode-api-auth

Automate open source license compliance and ensure software supply chain integrity

1K 45 21
nexB
licensedcode-data

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!

1K 3K 726
SemClone
purl2src

PURL2SRC - Package URL (PURL) to Source

477 4 0
appthreat
appthreat-vulndb

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers.

422 140 22
oscarvalenzuelab
semantic-copycat-purl2src

PURL2SRC - Package URL (PURL) to Source

355 4 0
tonylturner
purl2repo

Resolve Package URLs to canonical source, VCS, registry, and artifact hub repositories.

344 2 3
Malwarebytes
ghas-cli

CLI utility to deploy at scale and interact with GitHub Advanced Security

332 6 2