Automated Compliance Tooling (ACT)

Open initiative focused on developing and maintaining open-source tools that automate and streamline compliance with industry standards, regulations, and policies across software systems and infrastructure.

7 projects

Most contributors

Tern

Tern is a Linux Foundation project focused on open source software supply chain security, providing tools for analyzing and managing dependencies in containerized applications to enhance transparency and compliance.

Contributors

Organizations

Decoder Ring

Decoder Ring is a Linux Foundation project focused on developing cryptographic tools and libraries to enhance security and privacy in open-source software systems through standardized encryption and decryption protocols.

Contributors

Organizations

Quartermaster (QMSTR)

Quartermaster (QMSTR) is a Linux Foundation project focused on open-source software compliance tooling, automating the documentation and verification of license obligations and dependencies throughout the software supply chain.

Contributors

Organizations

OSS Review Toolkit (ORT)

ORT is a Linux Foundation toolkit that automates the review and compliance verification of open-source software dependencies, helping developers identify licensing issues, security vulnerabilities, and ensure policy adherence throughout the software supply chain.

Contributors

Organizations

Fossology

Fossology is a Linux Foundation project that provides an open-source license compliance software system. It helps organizations scan, analyze, and manage software licenses and copyrights in their codebase to ensure compliance with licensing requirements.

Contributors

Organizations

SPDX Tools

SPDX Tools is a Linux Foundation project that provides utilities for creating, validating, and exchanging Software Package Data Exchange (SPDX) files, enabling standardized sharing of software license and component information across the supply chain.

Contributors

Organizations