Just spotted a very nice reference to SPDX in Dirk Riehle's paper, and thought those on the list might find the paper interesting as well.
http://dirkriehle.com/publications/2017-2/license-clearance-in-software-product-governance/ > > The first step is to have a standard format for a bill of materials that > expresses what is included in a component. For this, the Linux Foundation > has sponsored the creation of the Software Package Data Exchange (SPDX) > standard [27 > <http://dirkriehle.com/publications/2017-2/license-clearance-in-software-product-governance/#r27>] > and tools for processing the standard [19 > <http://dirkriehle.com/publications/2017-2/license-clearance-in-software-product-governance/#r19> > ]. > SPDX is rapidly evolving. SPDX compliant documents provide information > about what is contained within a software package, including the license > information of a contained component, who created the component, its > version, etc. Kate
_______________________________________________ Spdx mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx
