Bitbucket pipe to generate a CycloneDX sBOM for node/npm projects
-
Updated
Jun 19, 2024 - Shell
Bitbucket pipe to generate a CycloneDX sBOM for node/npm projects
SPDX License Information, Terms of Service, Policies and our Warrant Canary
A tool to generate REUSE compatible SPDX licensing info for a project stored in a git repo, using its git commit history for extracting author/copyright info, and a file with assigning regexes matchign the (git tracked/content) files to SPDX expressions.
Match text against SPDX-known licenses
📝 Detect what license a project is distributed under
Add a description, image, and links to the spdx topic page so that developers can more easily learn about it.
To associate your repository with the spdx topic, visit your repo's landing page and select "manage topics."