Skip to main content
All Posts By


SPDX Specification is now an ISO Standard

By In the News

After much hard work and anticipation, we are proud to announce that the SPDX Specification is now an ISO Standard! We want to thank everyone who helped make this happen. This represents a significant milestone for the project and will help industry adoption of standardized Software Bill of Materials.

Specification: ISO/IEC 5962:2021 .

Our press release: SPDX Becomes Internationally Recognized Standard for Software Bill of Materials.

Although it has become an ISO Standard, we will continue to develop and evolve the SPDX specification in the open via our community using our GitHub Repository.

– SPDX Core Team


By Announcements

There are a number of talks and rooms around SPDX at FOSSDEM 2021 February 6 and 7. See the software composition track:

SPDX Tools have a new Home

By Announcements

Greetings to the community,

We are excited about the hosting of the SPDX tools on a more robust and hopefully permanent platform. A new URL for the SPDX online tools is now be available at

We want to thank everyone for using the tools and providing us with valuable feedback and to those who helped donate for the new hosting via the SPDX Community Bridge for the online tools.

A new version of the online tools implementing several enhancements and an improved deployment infrastructure is currently in test. Once the testing and the upgrade is complete in 2 to 4 weeks, any previous links used for the tools will no longer be available, so be sure to bookmark the new location.

The new version has the following enhancements:

  • License submittals will now check for existing license matches
    • If there is an exact match, the application will inform the user and not accept the new submittal
    • If there is a close match, the user is presented with the differences and can chose to submit an issue that the licenses should match, or chose to submit a new license request
  • A higher performance license matching implementation
  • A license namespace registry has been added to allow organizations to submit license namespace requests
  • Various application enhancements and fixes

If you find any issues or would like to request any enhancements, please add them to the spdx-online-tools Issues list.

Thanks to the many students, mentors and SPDX team members who have contributed to the online tools including Rohit  who was the originator of the online tools and mentor to many students, Smith who contributed the namespace functionality, Umang who implemented the improved license submittal, Mehant who contributed the Docker deployment implementation, and Steve who help us obtain the new URL.

SPDX Specification submitted to ISO

By In the News

On August 20th,  the Software Package Data Exchange® (SPDX®) specification was submitted to ISO for consideration as a Publicly Available Specification.  The Joint Development Foundation (which is part of the Linux Foundation) submitted the specification to JTC1 for balloting.   We are now awaiting feedback from the coordinators, and hope to see it available for balloting soon.