ocramius-package-versions is a PHP library and composer addon to efficiently get installed packages' version numbers.
It uses the Packagist package manager.
Java users get SPDX-formatted licenses for 55,933 package releases
Python users get SPDX-formatted licenses for 11,191 package releases
Conda users get SPDX-formatted licenses for 201 package releases
Python users get vulnerability remediation advice for 10,840 package releases
Generate SBOMs of all the packages used in your applications with rich insights such as:
Security-advised and license-annotated catalog recommendations to keep your applications safe:
Create a custom repository of pre-vetted and approved packages unique to your organization: