7 projects
Tern
Tern is an inspection tool to find the metadata of the packages installed in a container image. It provides a deeper understanding of a container’s bill of materials so better decisions can be made about container based infrastructure, integration and deployment strategies. Tern was created by VMware, who are contributing the project to ACT, to help developers meet open source compliance requirements for containers.
Contributors
78
Organizations
3
Decoder Ring
Developing open source SBOM format translation tooling, including infrastructure and support initiatives.
Contributors
67
Organizations
1
Quartermaster (QMSTR)
Quartermaster is an integrated free and open source software (FOSS) toolchain that implements industry best practices of license compliance management.
Contributors
7
Organizations
1
OSS Review Toolkit (ORT)
The mission of ORT enable highly automated compliance and security checks in the CI/CD build workflow by providing easy, open-source & scalable tooling and to share results in open standard formats.
Contributors
6
Organizations
1
Fossology
FOSSology is a open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools available to help with your compliance activities.
Contributors
4
Organizations
1
SPDX Tools
The Software Package Data Exchange (SPDX) specification is a standard format for communicating the components, licenses and copyrights associated with a software package.
Contributors
1
Organizations
1
Automated Compliance Tooling (ACT)
The mission of ACT is to support development of open source tooling for efficient and effective exchange of software bill of materials (SBOM) to enable license compliance, security, export control, pedigree and provenance workflows.
This project hasn't been onboarded to LFX Insights.