Software Package Data Exchange (SPDX) is “a set of standards for communicating the components, licenses, and copyrights associated with software”. You can find the latest (as well as the previous) standards at:

One idea is to accompany software with special files that hold certain meta information: authorship, copyrights, licenses, etc. These files currently come in two major formats: TAG and RDF. There are parsing tools available for these formats in Python and Go:

These tools do not support the latest SPDX-2.1 standard (instead, they can handle SPDX-1.2) which makes it logical to add support for the latest standard.

However, personally I am not happy with the specification which is why I would rather develop an online validation tool with the license-expression [pyLE] library which heavily relies on the library [BP].


Aleksandr Lisianoi


  • Phil Ombredanne SPDX