The Software Package Data Exchange® (SPDX®)

An open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance.





November 28, 2020

License List v3.11 released

The version 3.11 release of the license list is now tagged and live at This release included a smaller number of new licenses than some of the recent prior…
In the News
September 16, 2020

SPDX Specification submitted to ISO

On August 20th,  the Software Package Data Exchange® (SPDX®) specification was submitted to ISO for consideration as a Publicly Available Specification.  The Joint Development Foundation (which is part of the Linux…