An open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance.
There are a number of talks and rooms around SPDX at FOSSDEM 2021 February 6 and 7. See the software composition track: https://fosdem.org/2021/schedule/track/software_composition/
On August 20th, the Software Package Data Exchange® (SPDX®) specification was submitted to ISO for consideration as a Publicly Available Specification. The Joint Development Foundation (which is part of the Linux…
