Announcements
Python Foundation Adopts SPDX for Software Bill of Materials
The Python Software Foundation has taken a significant step forward in software supply chain transparency by including SPDX-format Software Bills of Materials (SBOMs) with their official Python releases. Starting with...
SPDX Responds to CISA Minimum Elements RFC
About a month ago, CISA requested industry/community comment on a proposed new minimum set of SBOM elements to replace the original NTIA list. Few people on the planet have thought...
CISA Considering New Set of Minimum Elements
CISA has requested comment on a new set of minimum elements for SBOMs (on top of the original NTIA set). This short announcement describes the process: https://www.cisa.gov/news-events/alerts/2025/08/22/cisa-requests-public-comment-updated-guidance-software-bill-materials The SPDX Tech...
A Guide to the GitHub SPDX Repo
We just published a readme file at the top level of the repository that provides a great overview of the contents and where to find what. https://github.com/spdx
Implementing an AI BOM
As global regulations on AI software tighten, developers face a complex set of new, ambiguous rules. The AI Software Bill of Materials (AI BOM), especially the new SPDX 3.0 with...
SPDX Announces 3.0 Release Candidate with New Use Cases
VANCOUVER, May 8, 2023 – We are delighted to announce the release of the SPDX 3.0 Release Candidate, the first in a series of releases that will lead to the general...
Why you should use SPDX for security
https://docs.google.com/document/d/1Yd7ZKAl1l67FAqGOjLcr6MTr2e2KyhIGsB1NZ6M24Ro/edit#
SPDX examples repo
We are pleased to announce a new repository in the SPDX GitHub organization to provide illustrative examples of SPDX software bills of materials (SBOMs).