Abbreviation | SPDX |
---|---|
Status | Published |
First published | August 2011 |
Latest version | 3.0 April 2024 |
Organization | Linux Foundation |
Committee | SPDX Project |
Domain | Software bill of materials |
License | CC-BY-3.0 |
Website | spdx |
Software Package Data Exchange (SPDX) is an open standard for software bill of materials (SBOM).[1] SPDX allows the expression of components, licenses, copyrights, security references and other metadata relating to software.[2] Its original purpose was to improve license compliance,[3] and it has since been expanded to facilitate additional use cases, such as supply-chain transparency and security.[4] SPDX is authored by the community-driven SPDX Project under the auspices of the Linux Foundation.
The current version of the standard is 3.0.[5]