News & Announcements
Oct 30, 2025
Python Foundation Adopts SPDX for Software Bill of Materials
The Python Software Foundation has taken a significant step forward in software supply chain transparency by including SPDX-format Software Bills of Materials (SBOMs) with their official Python releases. Starting with 3.14 released earlier this week, all distribution packages available on the official download page now include accompanying SPDX SBOMs. These…
Oct 3, 2025
SPDX Responds to CISA Minimum Elements RFC
About a month ago, CISA requested industry/community comment on a proposed new minimum set of SBOM elements to replace the original NTIA list. Few people on the planet have thought as much about what belongs in an SBOM than the SPDX tech team which took up the discussion. With input…
Sep 19, 2025
CISA Considering New Set of Minimum Elements
CISA has requested comment on a new set of minimum elements for SBOMs (on top of the original NTiA set). This short announcement describes the process: https://www.cisa.gov/news-events/alerts/2025/08/22/cisa-requests-public-comment-updated-guidance-software-bill-materials The SPDX Tech Team will be responding to the request for comments and will report back to the SPDX community.
Sep 17, 2025
SBOM Vision
In collaboration with NSA and a number of foreign cybersecurity agencies, CISA just just published this easily consumable SBOM vision document. https://www.cisa.gov/sites/default/files/2025-09/joint-guidance-a-shared-vision-of-software-bill-of-materials-for-cybersecurity_508c.pdf
Jul 29, 2025
A Guide to the GitHub SPDX Repo
We just published a readme file at the top level of the repository that provides a great overview of the contents and where to find what. https://github.com/spdx
