SPDX develops and promotes open standards for communicating software information

SPDX is an open standard for communicating software bill of material information, including provenance, license, security, and other related information. SPDX reduces redundant work by providing common formats for organizations and communities to share important data, thereby streamlining and improving compliance, security, and dependability.

lightbulb_outline View ideas list

Technologies

  • python
  • java
  • rdf
  • golang
  • json

Topics

  • Security
  • compliance
  • security
  • licensing
  • standards
comment IRC Channel
email Mailing list
mail_outline Contact email

SPDX 2021 Projects

  • mikit
    Fast and Precise License Matching Library
    Detecting the contents of license documents is a major task for software that automatically analyzes software metadata, such as package managers. OSS...
  • Ujjwal Agarwal
    JSON Support for Golang libraries
    After the introduction of SPDX Specifications v2.2 JSON, YAML, and a development version of XML had been added as supported file formats. However ,...
  • Umang Taneja
    MIGRATE SPDX ONLINE TOOLS TO DJANGO 3
    Since we have a working python 3 branch for SPDX Online Tools, it is necessary to keep the app updated to latest Django versions and at the same time...
  • Nirmal Praveen Suthar
    Validate and Generate multiple representations of Specifications
    This project aims to build a program that end users can use as: Validating and reporting all possible parsing errors (in any) in the incoming...
close

2021