Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 3 Java spdx Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
As others have already commented:
The US government has added SBOMs to a proposed rule to update the Federal Acquisition Regulation. So if you want to sell to the US Government you'll have to provide SBOMs: https://www.federalregister.gov/documents/2023/10/03/2023-21...
Lots of large companies require SBOMs from their supplier.
In the EU we will get the Cyber Resilience Act which will make them mandatory as well in certain cases: https://data.consilium.europa.eu/doc/document/ST-12536-2023-...
And yes, there's bascially two technical standards to provide them: SPDX and CycloneDX: https://cyclonedx.org/
Project mention: Dependency inventory / dashboard for multiple maven projects | /r/java | 2023-06-08
Java spdx related posts
- Who in your organization is responsible for deciding and implementing AppSec tools? And any recommendations for a reliable alternative for Snyk tools? Thanks!
- SBOM management program?
- How to Automate the Software Bill of Materials (SBOM)
- How to create SBOMs in Java with Maven and Gradle
- Looking for an alternative to gradle dependency tree
- Software Release tracking
- OWASP CycloneDX – The Open Source SBOM Format
-
A note from our sponsor - InfluxDB
www.influxdata.com | 28 Apr 2024
Index
What are some of the best open-source spdx projects in Java? This list will help you:
Project | Stars | |
---|---|---|
1 | cyclonedx-maven-plugin | 273 |
2 | cyclonedx-gradle-plugin | 139 |
3 | cyclonedx-core-java | 68 |
Sponsored