An open standard for communicating Software Bill of Materials

Develop and promote adoption of a specification to enable any party in a software supply chain, from the original author to the final end user, to accurately communicate the licensing information for any piece of copyrightable material that such party may create, alter, combine, pass on, or receive, and to make such information available in a consistent, understandable, and re-usable fashion, with the aim of facilitating license and other policy compliance.

lightbulb_outline View ideas list

Technologies

  • python
  • java
  • golang
  • node.js
  • xml

Topics

  • Other
  • open source
  • compliance
  • licensing
comment IRC Channel
email Mailing list
mail_outline Contact email

SPDX 2020 Projects

  • Rishabh Bhatnagar
    Concurrent RDF Parser in GoLang
    The project focuses on building a GoLang RDF reader in native GoLang which not only would be useful for the SPDX community but also might help the...
  • Anisha Srivastava
    Generate Java SPDX Model Classes from XML XSD file.
    The project aims at generating the Java Model Classes for proposed XML XSD files of repositories. This involves mapping the elements of XML Schema to...
  • Ekong Obie Philip
    SPDX Plugins for Package Managers
    Create a native plug-in or extension to a well-known package manager to generate valid SPDX documents based on the information provided in the build...
  • Tanjong Agbor Smith
    Validate License Cross-References
    Enhance the SPDX LicenseListPublisher to validate the cross reference / seeAlso URL's for the license. One check would be to validate the link is...
close

2020