The OSS Review Toolkit (ORT) is a FOSS policy automation and orchestration toolkit that you can use to manage your (open source) software dependencies in a strategic, safe and efficient manner. You can use it to: Generate CycloneDX, SPDX SBOMs, or custom FOSS attribution documentation for your software project Automate your FOSS policy using risk-based Policy as Code to do licensing, security vuln