#

supply-chain

Here are 550 public repositories matching this topic...

doublechaintech / scm-biz-suite

供应链中台系统基础版，集成零售管理, 电子商务, 供应链管理, 财务管理, 车队管理, 仓库管理, 人员管理, 产品管理, 订单管理, 会员管理, 连锁店管理, 加盟管理, 前端React/Ant Design, 后端Java Spring+自有开源框架，全面支持MySQL, PostgreSQL, 全面支持国产数据库南大通用GBase 8s,通过REST接口调用，前后端完全分离。

mysql java redis ecommerce spring erp supply-chain knowledge-graph tms antd retail scm echarts fleet-management warehouse-management ordermanagement digital-transformation oracle-atg-alternative headless-commerce

Updated Mar 12, 2024
Java

openclarity

openclarity / openclarity

OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure

kubernetes security cloud virtual-machine scanner malware supply-chain exploits vulnerabilities rootkits leaked-secrets sbom

Updated Nov 19, 2024
Go

guacsec / guac

GUAC aggregates software security metadata into a high fidelity graph database.

security supply-chain software-supply-chain supply-chain-analytics supply-chain-security supply-chain-visibility software-supply-chain-security

Updated Nov 22, 2024
Go

ikatsov / tensor-house

A collection of reference Jupyter notebooks and demo AI/ML applications for enterprise use cases: marketing, pricing, supply chain, smart manufacturing, and more.

marketing data-science machine-learning reinforcement-learning ai deep-learning models supply-chain personalization customer-analysis llm

Updated Jan 24, 2024
Jupyter Notebook

coreinfrastructure / best-practices-badge

🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)

rails open-source security best-practices foss supply-chain badge floss ossf openssf

Updated Nov 11, 2024
Ruby

pypa / pip-audit

Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them

python security security-audit supply-chain pip

Updated Nov 22, 2024
Python

sigstore / rekor

Software Supply Chain Transparency Log

security supply-chain provenance transparency-log

Updated Nov 22, 2024
Go

in-toto / in-toto

in-toto is a framework to protect supply chain integrity.

security supply-chain new-york-university secure-systems-lab

Updated Nov 19, 2024
Python

endojs / endo

Endo is a distributed secure JavaScript sandbox, based on SES

javascript security multi-tenant sandbox supply-chain capabilities hardened ocaps powerbox prototype-pollution captp

Updated Nov 22, 2024
JavaScript

ossillate-inc / packj

Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

Updated Apr 2, 2024
Python

theupdateframework / go-tuf

Go implementation of The Update Framework (TUF)

go golang security chain supply-chain software supply hacktoberfest tuf

Updated Nov 20, 2024
Go

CycloneDX / cdxgen

Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. GPT: https://chatgpt.com/g/g-673bfeb4037481919be8a2cd1bf868d2-cdxgen

docker containers supply-chain owasp bom oci sca software-bill-of-materials purl package-url sbom cyclonedx saasbom cbom

Updated Nov 22, 2024
JavaScript

bomber

devops-kung-fu / bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

golang security oss supply-chain spdx vulnerability-scanners security-automation security-tools devsecops supplychain syft sbom gomodule cyclonedx epss

Updated Nov 22, 2024
Go

sandworm-hq / sandworm-audit

Security & License Compliance For Your App's Dependencies 🪱

cli security supply-chain audit vulnerability compliance vulnerabilities dependencies license-management vulnerability-scanners d3-visualization license-checking security-tools license-compliance dependencies-tree sbom dependencies-graph

Updated Sep 1, 2024
JavaScript

sigstore / sigstore

Common go library shared across sigstore services and clients

go golang security supply-chain cosign sigstore

Updated Nov 22, 2024
Go

in-toto / witness

Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.

security supply-chain verification attestation security-tools

Updated Nov 18, 2024
Go

hubbs5 / or-gym

Environments for OR and RL Research

reinforcement-learning optimization supply-chain deep-reinforcement-learning vehicle-routing-problem operations-research supply-chain-management

Updated Oct 12, 2023
Python

specification

CycloneDX / specification

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX

Updated Nov 23, 2024
XSLT

kpcyrd / rebuilderd

Independent verification of binary packages - reproducible builds

rust supply-chain reproducible-builds security-tools rebuilder supply-chain-security

Updated Nov 21, 2024
Rust

minder

mindersec / minder

Software Supply Chain Security Platform

security supply-chain software-supply-chain software-supply-chain-security

Updated Nov 23, 2024
Go

Improve this page

Add a description, image, and links to the supply-chain topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the supply-chain topic, visit your repo's landing page and select "manage topics."