Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

docker Python open-source spdx sbom tool risk-management containers software-composition-analysis dependencies supply-chain-security oss-compliance compliance metadata-extraction

---

Aufgenommen vor 2 Jahren
Aktualisiert vor 4 Tagen
0