Go, SBOM and DependencyTrack

This page summarizes the projects mentioned and recommended in the original post on /r/golang
bill-of-materials bom software-bill-of-materials sbom Owasp

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • cyclonedx-gomod

    Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

    • I am aware of the cyclonedx-gomod project, but I imagine that if the go tool got native support for sbom generation, it might also be able to provide information about vulnerable code that either are test-code only, or is not in use and does not affect a binary/module/package

  • cyclonedx-maven-plugin

    Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

    • The recent govulncheck effort made me think of the possibility of having the go tool create an SBOM (Software Bill of Materials) in a standard format like CycloneDX that could be consumed by existing tools like DependencyTrack. Somewhat similar to the recent docker sbom feature.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • CycloneDX SBom (Software Bill of material) Maven Demo

    4 projects | dev.to | 17 Aug 2022

  • Krita fund has 0 corporate support

    7 projects | news.ycombinator.com | 5 Oct 2023

  • How to create SBOMs in Java with Maven and Gradle

    4 projects | dev.to | 1 Nov 2022

  • SQL Injection Isn't Dead Yet

    2 projects | dev.to | 15 Apr 2024

  • Dependency-Track

    1 project | news.ycombinator.com | 27 Oct 2023