About SPDX and Black Duck

Document and Share BOMs

The Software Package Data Exchange® (SPDX®) is an evolving standard for communicating the open source content, licenses and copyrights associated with a software package. The purpose of the standard is to help companies in a software supply chain more easily comply with software licensing obligations. 

Software Package Data Exchange (SPDX)

SPDX provides a uniform approach to documenting and sharing a software bill of materials (BOM), making it more efficient for supply chain partners to communicate. The standard is developed and maintained by the SPDX workgroup of the Linux Foundation and is a critical element of the foundation’s Open Compliance Program.
 
Black Duck’s Support of SPDX
Black Duck has been instrumental in developing SPDX through participation in the SPDX workgroup. Our involvement includes:
  • Chairing the SPDX workgroup
  • Actively participating in the three SPDX teams: Technical, Business and Legal
  • Authoring the first SPDX whitepaper
  • Developing and evolving the structure of the spdx.org website and supporting the SPDX beta process
  • Implementing SPDX software BOM in the Black Duck® Suite at no additional cost to customers
 
For More Information:

Product Integrations Learn About
Our Product Integrations

Latest Tweets

Black Duck Software (4 hours ago)
RT @OpenStack: First @Walmartlabs, now @PayPal: @sparkycollier shares how 2015 is becoming the year of the #OpenStack-Powered Planet http:/…
Black Duck Software (6 hours ago)
Going to #RSAC? Visit our booth (846) & participate in our #NameTheNextVuln Twitter contest! http://t.co/0lQHdQQ3Ri http://t.co/ZqXlUyWxti
Black Duck Software (8 hours ago)
RT @opensourceway: How @black_duck_sw, open source's former 'police,' is now helping businesses adopt: http://t.co/kIWBzmihNK via @NetworkW…
Black Duck Software (9 hours ago)
The state of open source security http://t.co/k5pqviOMtY @CIOonline quotes @LinuxPundit on #security vulnerabilities http://t.co/JBrQnCoMrI
Black Duck Software (9 hours ago)
What the New York Times #CIO asks when evaluating open source solutions - @4enterprisers interview http://t.co/M8Q8BUp4ht

Black Duck Software
8 New England Executive Park
Burlington, MA 01803

Contact Us

Legal Notices | Privacy Policy | Site map
Open Source Delivers | Open HUB
Open Source Think Tank