Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Updated Jul 1, 2026 - JavaScript
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate into your CI/CD pipeline with automatic submission to a Dependency-Track server.
Security & License Compliance For Your App's Dependencies 🪱
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
GitHub action to generate a CycloneDX SBOM for Node.js
GitHub action to generate a CycloneDX SBOM for Python
GitHub action to generate a CycloneDX SBOM for .NET
Service to scan licenses from source code
A GitHub Action that takes SPDX SBOMs and uploads them to GitHub's dependency submission API to power Dependabot alerts
Runtime Enforcement of Security-Enhanced SBOMs for Node.js
AI provenance across your dependency tree. 14 ecosystems. CycloneDX and SPDX integration. Private registry.
The guidance for the Open Source Component Management process consists of a generic architecture description, usage blueprints, a concept of the abstraction layer and a collection of use cases. It enables you to quickly match your organization's needs with available solutions and jump-start your process definition by providing templates.
🛡️ The fastest Trivy Action for GitHub. Scan Containers, Filesystems, and IaC for vulnerabilities. Supports SBOM, SARIF, and Daily DB Caching.
Automated Secrets, Misconfiguration, IaC Misconfiguration detection, and OSS by Check Point CloudGuard
A SonarQube plugin that brings the CycloneDX Sunshine SBOM visualization directly into SonarQube, per project.
Agentic AI workflow for Supply Chain Analysis using GitHub Actions