tern

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more. (by tern-tools)
Add to my DEV experience Python Containers oss-compliance sbom Docker Compliance spdx Tool Dependencies software-composition-analysis risk-management open-source supply-chain-security metadata-extraction
Source Code
Suggest alternative
Edit details
The modern identity platform for B2B SaaS
The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
workos.com
Sponsored

Tern Alternatives

Similar projects and alternatives to tern

  • CPython

    1,314 tern VS CPython

    The Python programming language

  • cdxgen

    3 tern VS cdxgen

    Creates CycloneDX Software Bill of Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • awesome-security-GRC

    2 tern VS awesome-security-GRC

    Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).

  • ort

    3 tern VS ort

    A suite of tools to automate software compliance checks.

  • goodcode

    2 tern VS goodcode

    A curated collection of annotated code examples from prominent open-source projects

  • spdx-spec

    4 tern VS spdx-spec

    The SPDX specification in MarkDown and HTML formats.

  • spdx-license-matcher

    0 tern VS spdx-license-matcher

    A tool to match license text with SPDX license list using a an algorithm with finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • import-linter

    4 tern VS import-linter

    Import Linter allows you to define and enforce rules for the internal and external imports within your Python project.

  • deferred-import

    7 tern VS deferred-import

    Lazy import and install on demand Python packages

  • scancode-toolkit

    4 tern VS scancode-toolkit

    :mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

  • theo

    1 tern VS theo

  • openRiskScore

    1 tern VS openRiskScore

    A python framework for risk scoring

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better tern alternative or higher similarity.
Suggest an alternative to tern

tern reviews and mentions

Posts with mentions or reviews of tern. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-06-30.
  • Learn by reading code: Python standard library design decisions explained
    4 projects | news.ycombinator.com | 30 Jun 2021
    A project you may want to look into adding is Tern [0]. I've had a good time reading through the code over the past couple of weeks, and have found it to be at least not "bad" code, and pretty easy to understand.

    Specifically how they are untarring each container layer and creating a chroot jail to run commands inside is fairly self-contained and interesting.

    [0] https://github.com/tern-tools/tern

Stats

Basic tern repo stats
1
932
3.2
about 1 month ago

tern-tools/tern is an open source project licensed under BSD 2-clause "Simplified" License which is an OSI approved license.

The primary programming language of tern is Python.

Popular Comparisons

  1. tern VS cdxgen
  2. tern VS awesome-security-GRC
  3. tern VS ort
  4. tern VS spdx-spec
  5. tern VS spdx-license-matcher
  6. tern VS goodcode
  7. tern VS import-linter
  8. tern VS deferred-import
  9. tern VS scancode-toolkit
  10. tern VS openRiskScore

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com