Generate CycloneDX SBOMs for Delphi projects — EU Cyber Resilience Act compliance in one click
By December 2027, every product with digital elements sold in the EU needs conformity assessment. The 14 essential requirements, the open-source carve-outs and what shipping early gets you.
Open-source license & compliance scanner for modern codebases — CycloneDX/SPDX SBOMs + EU CRA evidence
CLI tool for BSI TR-03183-2 SBOM generation, enrichment, validation, and submission. CycloneDX 1.6 / SPDX 2.3 compliant. AGPL-3.0 licensed.
Open-source CRA/NIS2 compliance reporting server — SBOM management, vulnerability scanning (VulnzMatcher), VEX lifecycle, CSAF advisory generation, audit trail, and ENISA submission. AGPL-3.0 licensed.
Go vulnerability data aggregator with EU CRA compliance - 28 providers including EU-specific feeds (KEV, EUVD, BSI CERT-Bund, CERT-FR)
Cryptographically sign your SBOM with ECDSA-P521 + RFC 3161 timestamps. Tamper-evident, publicly verifiable. One GitHub Action step. EU CRA-ready.
Go vulnerability data library — CVE feed parsing, CWE mapping, GRC control enrichment, and storage backends for EU CRA/NIS2 compliance tooling. AGPL-3.0 licensed.
Add a description, image, and links to the eu-cra topic page so that developers can more easily learn about it.
To associate your repository with the eu-cra topic, visit your repo's landing page and select "manage topics."