What is this library?
Backport of JSR-310 to JDK 1.7. NOT an implementation of the JSR.
Java users get SPDX-formatted licenses for 55,933 package releases
Python users get SPDX-formatted licenses for 11,191 package releases
Conda users get SPDX-formatted licenses for 201 package releases
Python users get vulnerability remediation advice for 10,840 package releases
Generate SBOMs of all the packages used in your applications with rich insights such as:
Security-advised and license-annotated catalog recommendations to keep your applications safe:
Create a custom repository of pre-vetted and approved packages unique to your organization: