THE LINUX FOUNDATION PROJECTS

podence

CISA Considering New Set of Minimum Elements

CISA has requested comment on a new set of minimum elements for SBOMs (on top of the original NTiA set). This short announcement describes the process: https://www.cisa.gov/news-events/alerts/2025/08/22/cisa-requests-public-comment-updated-guidance-software-bill-materials The SPDX Tech...

A Guide to the GitHub SPDX Repo

We just published a readme file at the top level of the repository that provides a great overview of the contents and where to find what. https://github.com/spdx

Kudos for Yocto support of SPDX SBOMs

Check out this posting and the accompanying article that give a shout out to the Yocto SBOM work that Joshua Watt briefed us on at the last General Meeting. https://www.linkedin.com/posts/vpetersson_im-excited-by-yoctos-sbom-capabilities-activity-7298791001526063106-qqsc/#?lipi=urn%3Ali%3Apage%3Ad_flagship3_detail_base%3Brv%2FCdMTgS36PFZd4RZTQPg%3D%3D...

SPDX Podcast

New podcast episode of Nerding Out with Viktor is now live! In Viktor’s words: I spoke with Kate Stewart from the The Linux Foundation and Gary ONeall about the evolution...

Implementing an AI BOM

As global regulations on AI software tighten, developers face a complex set of new, ambiguous rules. The AI Software Bill of Materials (AI BOM), especially the new SPDX 3.0 with...