Software Package Data Exchange
Open standard for software bill of materials / From Wikipedia, the free encyclopedia
Dear Wikiwand AI, let's keep it short by simply answering these key questions:
Can you list the top facts and stats about Software Package Data Exchange?
Summarize this article for a 10 year old
SHOW ALL QUESTIONS
This article is about the standard for describing software bills of materials. For the communications protocol, see SPDY.
Software Package Data Exchange (SPDX) is an open standard for software bills of materials (SBOMs).[1] SPDX allows the expression of components, licenses, copyrights, security references and other metadata relating to software.[2] Its original purpose was to improve license compliance,[3] and it has since been expanded to facilitate additional use cases such as supply-chain transparency and security.[4] SPDX is authored by the community-driven SPDX Project under the auspices of the Linux Foundation.
Quick Facts Abbreviation, Status ...
![]() | |
Abbreviation | SPDX |
---|---|
Status | Published |
First published | August 2011 (2011-08) |
Latest version | 3.0 April 2024 (2024-04) |
Organization | Linux Foundation |
Committee | SPDX Project |
Domain | Software bill of materials |
License | CC-BY-3.0 |
Website | spdx |
Close
The current version of the standard is 3.0.[5]