Greetings SPDX outreach team,


I was trading emails regarding the SPDX java tools library with Steve
Springett (cc'd) and learned that SPDX is being used by the OWASP dependency
track project:


It looks like it uses both the license ID's and the bill of materials format
for SPDX.  This is particularly interesting with the recent interest in
using SPDX in more security-oriented applications.


Perhaps a blog post or an article?





Gary O'Neall

Principal Consultant

Source Auditor Inc.

Mobile: 408.805.0586

Email:  <>


Spdx-biz mailing list

Reply via email to