The Software Package Data Exchange (SPDX)

The Software Package Data Exchange® (SPDX®)

An open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance.

LEARN MORE

Learn

Use

Resources

Announcements

March 8, 2021

License List v3.12 released

The version 3.12 release of the license list is now tagged and live at https://spdx.org/licenses. 10 new licenses were added to the list.

swinslow

Love0

In the News

September 16, 2020

SPDX Specification submitted to ISO

On August 20th, the Software Package Data Exchange® (SPDX®) specification was submitted to ISO for consideration as a Publicly Available Specification. The Joint Development Foundation (which is part of the Linux…

jmanbeck

Love0