SPDX Becomes Internationally Recognized Standard for Software Bill of Materials (The Linux Foundation)

SAN FRANCISCO, September 9, 2021 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the Software Package Data Exchange® (SPDX®) specification has been published as ISO/IEC 5962:2021 and recognized as the open standard for security, license compliance, and other software supply chain artifacts. ISO/IEC JTC 1 is an independent, non-governmental standards body.

Read more at The Linux Foundation

Posted by Contributor