SPDX
SPDX is an open standard for communicating SBOM information, including provenance, license, security, and other related information. ISO/IEC 5962:2021
Pinned Repositories
license-list-data
Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON
license-list-XML
This is the repository for the master files that comprise the SPDX License List
spdx-3-model
spdx-examples
Examples of SPDX files for software combinations
spdx-online-tools
Source for the website providing online SPDX tools
spdx-spec
The SPDX specification in MarkDown and HTML formats.
tools
SPDX Tools
tools-golang
Collection of Go packages to work with SPDX files
tools-java
SPDX Command Line Tools using the Spdx-Java-Library
tools-python
A Python library to parse, validate and create SPDX documents.
SPDX's Repositories
spdx/license-list-data
Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON
spdx/license-list-XML
This is the repository for the master files that comprise the SPDX License List
spdx/spdx-spec
The SPDX specification in MarkDown and HTML formats.
spdx/tools-python
A Python library to parse, validate and create SPDX documents.
spdx/tools-golang
Collection of Go packages to work with SPDX files
spdx/spdx-examples
Examples of SPDX files for software combinations
spdx/spdx-3-model
spdx/spdx-online-tools
Source for the website providing online SPDX tools
spdx/spdx-to-osv
Produce an Open Source Vulnerability JSON file based on information in an SPDX document
spdx/tools-java
SPDX Command Line Tools using the Spdx-Java-Library
spdx/ntia-conformance-checker
Check SPDX SBOM for NTIA minimum elements
spdx/spdx-maven-plugin
Plugin for supporting SPDX in a Maven build.
spdx/Spdx-Java-Library
Java library which implements the Java object model for SPDX and provides useful helper functions
spdx/cdx2spdx
Utility that converts SBOM documents from CycloneDX to SPDX
spdx/meetings
This repository stores meetings minutes for the SPDX project
spdx/spdx-license-matcher
A tool to match license text with SPDX license list using a an algorithm with finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.
spdx/governance
SPDX Governance, based on Community Specification model
spdx/spdx-gradle-plugin
spdx/spec-parser
automagically process the specification
spdx/outreach
content for outreach activities
spdx/spdx-java-jackson-store
JSON storage implementation for the SPDX tools
spdx/GSoC
SPDX participation in the Google Summer of Code program
spdx/spdx-java-rdf-store
SPDX Tools RDF Support Library
spdx/spdx-java-spreadsheet-store
SPDX Java library spreadsheet storage
spdx/spdx-java-tagvalue-store
SPDX Document Storage using the Tag/Value format
spdx/licenseRequestImages
License Request Image Repository
spdx/spdx-3-build-profile
spdx/spdx-3-serialization-prototype-playground
TEMPORARY repo to contain different draft examples for SPDX 3.0 serializations
spdx/crypto-algorithms
List of cryptographic algorithms and their characteristics
spdx/using
Information on how to use the SPDX specification