From d8bcf6aea54c6cb372b03b118d5893b46e046ffd Mon Sep 17 00:00:00 2001 From: Vinny Barton Date: Tue, 9 Sep 2025 06:26:00 -0400 Subject: [PATCH 1/4] adding SecureSBOM to tools.json Signed-off-by: Vinny Barton --- tools.json | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/tools.json b/tools.json index 0ac8902..3da74aa 100644 --- a/tools.json +++ b/tools.json @@ -12907,6 +12907,55 @@ "C/C++", "SCALA" ] + }, + { + "name": "SecureSBOM", + "publisher": "ShiftLeftCyber", + "description": "SecureSBOM is an enterprise-grade API that provides cryptographic signing and verification capabilities at scale.", + "website_url": "https://shiftleftcyber.io/securesbom", + "capabilities": [ + "SBOM", + "VDR/VEX" + ], + "availability": [ + "FREEMIUM", + "SUBSCRIPTION" + ], + "functions": [ + "ANALYSIS", + "PACKAGE_MANAGER_INTEGRATION", + "SIGNING/NOTARY" + ], + "analysis": [], + "transform": [], + "packaging": [ + "COMMAND_LINE_UTILITY", + "GITHUB_ACTION", + "LIBRARY" + ], + "library": [ + "GO" + ], + "platform": [ + "LINUX", + "MAC", + "WINDOWS" + ], + "lifecycle": [ + "BUILD", + "POST-BUILD", + "OPERATIONS" + ], + "supportedStandards": [ + "CYCLONEDX", + "SPDX" + ], + "cycloneDxVersion": [ + "CYCLONEDX_V1.4", + "CYCLONEDX_V1.5", + "CYCLONEDX_V1.6" + ], + "supportedLanguages": [] } ] } From 5074e11cdcf21d293868f35ed45ef5b7ddd4db78 Mon Sep 17 00:00:00 2001 From: Ahmad Nassri Date: Mon, 8 Sep 2025 18:40:45 -0400 Subject: [PATCH 2/4] feat: add socket.dev Signed-off-by: Ahmad Nassri --- tools.json | 112 ++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 90 insertions(+), 22 deletions(-) diff --git a/tools.json b/tools.json index 3da74aa..1a85031 100644 --- a/tools.json +++ b/tools.json 
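Review bot: The new SecureSBOM entry lists `"ANALYSIS"` under `functions` but leaves `"analysis": []` empty, so the record claims an analysis function without naming any analysis type, and a consumer filtering on `analysis` will never match it. Either remove `"ANALYSIS"` from `functions` or populate `analysis` with the types the tool actually performs. The `description` mentions only "cryptographic signing and verification capabilities", which does not back up the `"VDR/VEX"` capability or `"PACKAGE_MANAGER_INTEGRATION"`, and does not say what is signed; for a directory people use to choose signing tools, that should be stated explicitly. Patch 4/4 later deletes the `analysis` key from `tools/securesbom.json`, and its visible context does not show `functions` being changed, so the same mismatch probably persists there.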
@@ -12909,53 +12909,121 @@ ] }, { - "name": "SecureSBOM", - "publisher": "ShiftLeftCyber", - "description": "SecureSBOM is an enterprise-grade API that provides cryptographic signing and verification capabilities at scale.", - "website_url": "https://shiftleftcyber.io/securesbom", + "name": "Socket", + "publisher": "Socket", + "description": "Supply Chain Security platform. Next-gen SCA + SBOM + 0-day prevention.", + "website_url": "https://socket.dev", "capabilities": [ "SBOM", "VDR/VEX" ], "availability": [ "FREEMIUM", - "SUBSCRIPTION" + "SUBSCRIPTION", + "COMMERCIAL_LICENSE" ], "functions": [ "ANALYSIS", - "PACKAGE_MANAGER_INTEGRATION", - "SIGNING/NOTARY" + "AUTHOR", + "PACKAGE_MANAGER_INTEGRATION" + ], + "analysis": [ + "SECURITY_VULNERABILITIES", + "POLICY_EVALUATION", + "LICENSE_REPORTING", + "OUTDATED_COMPONENTS" ], - "analysis": [], "transform": [], "packaging": [ + "APPLICATION", "COMMAND_LINE_UTILITY", "GITHUB_ACTION", - "LIBRARY" - ], - "library": [ - "GO" + "GITHUB_APP", + "GITLAB_CI_TEMPLATE" ], + "library": [], "platform": [ "LINUX", "MAC", "WINDOWS" ], "lifecycle": [ + "DESIGN", + "PRE-BUILD", "BUILD", - "POST-BUILD", - "OPERATIONS" + "POST-BUILD" ], "supportedStandards": [ "CYCLONEDX", - "SPDX" - ], - "cycloneDxVersion": [ - "CYCLONEDX_V1.4", - "CYCLONEDX_V1.5", - "CYCLONEDX_V1.6" + "SPDX", + "PACKAGE_URL" ], - "supportedLanguages": [] - } + "cycloneDxVersion": [], + "supportedLanguages": [ + "C/C++", + ".NET", + "ERLANG_ELIXIR", + "GO", + "JAVA", + "JAVASCRIPT/TYPESCRIPT", + "KOTLIN", + "NODE.JS", + "PHP", + "PYTHON", + "RUBY", + "RUST", + "SCALA", + "SWIFT" + ] + }, + { + "name": "SecureSBOM", + "publisher": "ShiftLeftCyber", + "description": "SecureSBOM is an enterprise-grade API that provides cryptographic signing and verification capabilities at scale.", + "website_url": "https://shiftleftcyber.io/securesbom", + "capabilities": [ + "SBOM", + "VDR/VEX" + ], + "availability": [ + "FREEMIUM", + "SUBSCRIPTION" + ], + "functions": [ + "ANALYSIS", + 
"PACKAGE_MANAGER_INTEGRATION", + "SIGNING/NOTARY" + ], + "analysis": [], + "transform": [], + "packaging": [ + "COMMAND_LINE_UTILITY", + "GITHUB_ACTION", + "LIBRARY" + ], + "library": [ + "GO" + ], + "platform": [ + "LINUX", + "MAC", + "WINDOWS" + ], + "lifecycle": [ + "BUILD", + "POST-BUILD", + "OPERATIONS" + ], + "supportedStandards": [ + "CYCLONEDX", + "SPDX" + ], + "cycloneDxVersion": [ + "CYCLONEDX_V1.4", + "CYCLONEDX_V1.5", + "CYCLONEDX_V1.6" + ], + "supportedLanguages": [] + } ] } From 0b7e51eec388692a9173c15a5986ee9e19951fa9 Mon Sep 17 00:00:00 2001 From: Vinny Barton Date: Mon, 5 Jan 2026 07:12:10 -0500 Subject: [PATCH 3/4] adding SecureSBOM to tools.json --- tools/securesbom.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/securesbom.json b/tools/securesbom.json index f7d9bb7..291035b 100644 --- a/tools/securesbom.json +++ b/tools/securesbom.json @@ -47,7 +47,8 @@ "cycloneDxVersion": [ "CYCLONEDX_V1.4", "CYCLONEDX_V1.5", - "CYCLONEDX_V1.6" + "CYCLONEDX_V1.6", + "CYCLONEDX_V1.7" ], "supportedLanguages": [] } From 9b53875f8693c1dd6f239e093fa1e8cfc787c6bd Mon Sep 17 00:00:00 2001 From: Vinny Barton Date: Mon, 5 Jan 2026 15:37:47 -0500 Subject: [PATCH 4/4] adding SecureSBOM to tools.json --- tools/securesbom.json | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/tools/securesbom.json b/tools/securesbom.json index 291035b..6bb7de2 100644 --- a/tools/securesbom.json +++ b/tools/securesbom.json @@ -20,8 +20,6 @@ "PACKAGE_MANAGER_INTEGRATION", "SIGNING/NOTARY" ], - "analysis": [], - "transform": [], "packaging": [ "COMMAND_LINE_UTILITY", "GITHUB_ACTION", @@ -49,7 +47,6 @@ "CYCLONEDX_V1.5", "CYCLONEDX_V1.6", "CYCLONEDX_V1.7" - ], - "supportedLanguages": [] + ] } } \ No newline at end of file
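Review bot: The added Socket entry declares `"CYCLONEDX"` in `supportedStandards` but sets `"cycloneDxVersion": []`, so the record asserts CycloneDX support without saying which spec versions it reads or writes. The SecureSBOM entry re-added in the same hunk lists its `CYCLONEDX_V…` values explicitly, so the two new records are inconsistent, and any consumer filtering on `cycloneDxVersion` will skip Socket. Populate the array with the versions Socket actually supports, or drop `"CYCLONEDX"` if that cannot be confirmed. Separately, the `description` ("Next-gen SCA + SBOM + 0-day prevention") is marketing wording and does not support the `"VDR/VEX"` capability or the `"AUTHOR"` function; a sentence stating what the tool produces and consumes would let readers verify those tags.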