全语言制品仓库,涵盖npm、Maven、PyPi、Docker、Gradle、SBT、Cocoapods、Swift、RPM、Debian、PHP、Go、Pub、Ivy、NuGet、Conda、Cargo、Conan、Yarn、GitLFS、Helm、OHPM等主流工具,涵盖Huggingface 等主流AI模型仓库的代理与同步
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
The Evidence Store for Your Entire Supply Chain. SBOMs, xBOMs and every other artifact - stored for 10+ years, versioned and audit-ready.
This repo accumulate underlying data and analysis results for assessing the current landscape of open-source and proprietary tools related to Software Bill of Materials (SBOM). We additionally compiled our findings into a comprehensive spreadsheet detailing 86 tools and their use cases.
Add a description, image, and links to the software-supply-chain topic page so that developers can more easily learn about it.
To associate your repository with the software-supply-chain topic, visit your repo's landing page and select "manage topics."