The Software Package Data Exchange® (SPDX®)

An open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance.

LEARN MORE

Learn

Use

Resources

Announcements
February 1, 2021

SPDX at FOSSDEM 2021

There are a number of talks and rooms around SPDX at FOSSDEM 2021 February 6 and 7. See the software composition track: https://fosdem.org/2021/schedule/track/software_composition/
In the News
September 16, 2020

SPDX Specification submitted to ISO

On August 20th,  the Software Package Data Exchange® (SPDX®) specification was submitted to ISO for consideration as a Publicly Available Specification.  The Joint Development Foundation (which is part of the Linux…