Pricing

Pay per usage

Dependency SBOM Auditor

Parse a dependency manifest (package.json, requirements.txt, pyproject.toml, go.mod, Cargo.toml, Gemfile, composer.json) from text or a public raw URL into a clean dependency list + a CycloneDX SBOM (JSON). Deterministic, no AI. Optional free keyless OSV.dev advisory enrichment. SSRF-guarded.

Pricing

Pay per usage

Rating

0.0

(0)

Developer

Ahmed Moussa

Actor stats

Bookmarked

Total users

Monthly active users

11 hours ago

Last modified

Categories

Developer tools

You can access the Dependency SBOM Auditor programmatically from your own applications by using the Apify API. You can also choose the language preference from below. To use the Apify API, you’ll need an Apify account and your API token, found in Integrations settings in Apify Console.

Python

JavaScript

CLI

OpenAPI

HTTP

MCP

1from apify_client import ApifyClient
2
3# Initialize the ApifyClient with your Apify API token
4# Replace '<YOUR_API_TOKEN>' with your token.
5client = ApifyClient("<YOUR_API_TOKEN>")
6
7# Prepare the Actor input
8run_input = { "manifest_url": "https://raw.githubusercontent.com/pallets/flask/main/pyproject.toml" }
9
10# Run the Actor and wait for it to finish
11run = client.actor("timely_quarterstaff/dependency-sbom-auditor").call(run_input=run_input)
12
13# Fetch and print Actor results from the run's dataset (if there are any)
14print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"])
15for item in client.dataset(run["defaultDatasetId"]).iterate_items():
16    print(item)
17
18# 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start

Dependency SBOM Auditor API in Python

The Apify API client for Python is the official library that allows you to use Dependency SBOM Auditor API in Python, providing convenience functions and automatic retries on errors.

Install the apify-client

$pip install apify-client

Other API clients include:

Dependency SBOM Auditor API in JavaScript

Dependency SBOM Auditor API through CLI

Dependency SBOM Auditor OpenAPI definition

Dependency SBOM Auditor API

OSS Dependency Risk Report — Bus Factor, CVEs & SBOM Compliance

ryanclinton/oss-dependency-risk-report

Analyze the risk profile of any open-source package or repository by querying 7 data sources in parallel — GitHub repositories, NVD CVE vulnerabilities, CISA Known Exploited Vulnerabilities (KEV), StackExchange discussions, Hacker News mentions, Federal Register SBOM regulations, and Congress...

Ryan Clinton

CVE Vulnerability Lookup (NIST NVD)

automation-lab/cve-vulnerability-lookup

Query the NIST NVD for CVE details — lookup by CVE ID, keyword, or CPE product. Returns CVSS scores, descriptions, CWE IDs, affected software, and patch links. No API key required.

Stas Persiianenko

Open Source Software Supply Chain MCP Server

ryanclinton/open-source-software-supply-chain-mcp

OSS dependency risk and SBOM compliance intelligence for application security teams, engineering leadership, and procurement.

Ryan Clinton

OSV Open Source Vulnerabilities Scraper

parseforge/osv-vulnerabilities-scraper

Query the OSV.dev open-source vulnerabilities database. Search by package (PyPI/npm/Go/Maven/RubyGems/crates.io/NuGet/Packagist), commit hash, or fetch a specific vulnerability by ID. Returns affected ranges, CVE aliases, severity, and references.

ParseForge

NPM Package Scraper – Download Stats, Deps, Versions

logiover/npm-package-intelligence-scraper

Scrape NPM package download stats, dependencies and versions. NPM API alternative and registry data export to CSV/JSON. No token, no login.

Logiover

RubyGems Scraper | Ruby Package Registry and Stats

parseforge/rubygems-scraper

Scrape RubyGems package registry data including gem names, versions, downloads, authors, dependencies, runtime requirements, source code repositories, project URLs, and release dates. Extract metadata for monitoring, security audits, and developer ecosystem analysis

ParseForge

Crates.io Rust Crates Scraper

parseforge/crates-io-rust-scraper

Search crates.io, the Rust package registry. Returns crate name, version, description, repository, homepage, documentation, license, downloads, recent downloads, last updated, categories, keywords, owner team, dependencies, and yank status. Search by keyword or look up specific crates by name.

ParseForge

Packagist PHP Packages Scraper

parseforge/packagist-php-packages-scraper

Scrape PHP package metadata from Packagist public API. Get package name, vendor, description, latest version, downloads, dependencies, repository, license. No API key required.

ParseForge

UI/UX Auditor

lenient_grove/ai-ux-auditor-apify

🚀 Ultimate AI based UI/UX Auditor for Website : Comprehensive analysis covering UX/UI, performance, accessibility, SEO, mobile, conversion & tech stack. AI-powered insights with 7 analysis types. Perfect for agencies & developers! #ai, #ux-analysis, seo, accessibility, #performance, #web-scraping

Tejas Rawool

1.9

(2)

npm & PyPI Package Tracker — Metadata + Downloads

agency-shift/npm-pypi-package-tracker

Track npm and PyPI packages. Get metadata, download stats, version history, and dependency info. For developer tools research and open source intelligence.

Valdeir Lima

PyPI Packages Scraper

parseforge/pypi-packages-scraper

Pull Python package data from PyPI. Returns name, version, summary, description, classifiers, license, author, project URLs (homepage, source, issues, docs), Python version requirement, dependencies, release history, last upload, and total release count. Direct lookup by package name.

ParseForge