News & Announcements
Jan 27, 2025
SPDX Podcast
New podcast episode of Nerding Out with Viktor is now live! In Viktor's words: I spoke with Kate Stewart from the The Linux Foundation and Gary ONeall about the evolution of SPDX and its role in software transparency. We covered how SPDX grew from a license compliance tool into a…
Nov 13, 2024
Implementing an AI BOM
As global regulations on AI software tighten, developers face a complex set of new, ambiguous rules. The AI Software Bill of Materials (AI BOM), especially the new SPDX 3.0 with AI and dataset profiles, offers a promising solution for compliance, providing detailed, machine-readable documentation of AI systems. Despite its benefits,…
Sep 4, 2024
SBOM Adoption Paper
Check out this great new Linux Foundation paper on implementing SBOMs and how it helps with license compliance and application security. Author Ibrahim Haddid provides great insights into this important topic. SPDX is prominently featured.
Jul 9, 2024
Linux Foundation announces SPDX 3.0
In case you missed it, the Linux Foundation excitedly announced the latest version of SPDX. It's a great summary of the cool new architecture, use cases and features.
Nov 6, 2023
Capturing Software Vulnerability Data in SPDX 3.0
The flexibility of SPDX 3.0 allows users to either link SBOMs to external security vulnerability data or to embed security vulnerability information in the SPDX 3.0 data format, thanks to support for a security-specific profile. This is different from SPDX version 2, which enabled users to link an SBOM to…
