nexB

nexB https://validator.w3.org/feed/docs/rss2.html Blog VulnerableCode ScanCode DejaCode OSS Attribution Case Study: DataTables and Healthcare.gov Best Practices for Open Source Software (OSS) Attribution What is Open Source Software (OSS)? And Is It Free to Use? What are the Benefits of Using Open Source Software? Software Dependencies: A not-too-technical guide Wix vs. WordPress and what we can learn about the GPL Homepage SCA for Containers Is a page that contains Javascript considered redistribution? Open Source Stack Exchange: Can a team be a copyright holder? What are the membership levels in the Linux Foundation? Meet purl: a “mostly” universal software package URL Panel discussion on the future of package management ScanCode: Open source scanning solution to identify licenses How much documentation for a software project? License Compliance is Like Saying Thank You for a Gift Making Sense of So Many License Compliance Tools Importance of snippet matching for software provenance analysis Why is there no free software vulnerability database? Introducing FetchCode: A smart code downloader Exploring the state of open source licensing clarity Building the FOSS security commons to identify vulnerabilities FOSS & Third Party Software Compliance for Small Businesses Using Copyleft-licensed software components in a Java application nexB on GPL 3.0 and Related License Compliance Issues Updates on open source scanning with ScanCode Software Bill of Materials and Software Composition Analysis Google Summer of Code: Open source SCA tools with AboutCode Identifying packages and vulnerabilities across ecosystems A vulnerability database should not be about vulnerabilities! Scanning Docker images with ScanCode.io Finding FOSS software vulnerabilities with FOSS tools VulnerableCode v30 publicly available with new UI and API access VulnerableCode: Find FOSS vulnerabilities, improve FOSS security Providing Clarity on License Clarity Scoring in ScanCode There and back again: A software versioning story VulnerableCode v31 expands vulnerability coverage Do you really need to update the copyright statement each new year? SCA the FOSS Way – Part 1: Software Composition Analysis VulnTotal: Validate vulnerability coverage of VulnerableCode Technical deep dive into VulnerableCode v31 and VulnTotal FOSDEM Recap: FOSDEM 2023 partial event report What is a Dual License Anyway? ScanCode LicenseDB: 2,000+ licenses curated in a public database Track your software, and ensure compliance with DejaCode Standardizing FOSS package identifiers using PURL