The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
☆362Apr 11, 2026Updated this week
Alternatives and similar repositories for spdx-spec
Users that are interested in spdx-spec are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Python library to parse, validate and create SPDX documents.☆243Mar 13, 2026Updated last month
- The model for the information captured in SPDX version 3 standard.☆98Updated this week
- Examples of SPDX files for software combinations☆145Mar 31, 2026Updated 2 weeks ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆495Apr 2, 2026Updated 2 weeks ago
- SPDX Tools☆144Oct 7, 2025Updated 6 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆85Apr 6, 2026Updated last week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆1,007Apr 8, 2026Updated last week
- SPDX Command Line Tools using the Spdx-Java-Library☆90Mar 25, 2026Updated 3 weeks ago
- This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles☆97Updated this week
- A light-weight app to audit and inventory large codebases for open source license compliance.☆72Updated this week
- SBOM Explorer - Discover and pull public SBOMs☆21May 23, 2025Updated 10 months ago
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆286Apr 6, 2026Updated last week
- SW360 Antenna project☆22Mar 17, 2021Updated 5 years ago
- Support CI generation of SBOMs via golang tooling.☆425Jan 13, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- The International FOSS Law Book, v.2 and onwards☆15Jan 17, 2022Updated 4 years ago
- sbomasm: The Complete SBOM Management Toolkit☆111Apr 7, 2026Updated last week
- Source XML and test text files for the SPDX License List☆465Mar 5, 2026Updated last month
- This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant …☆53Updated this week
- Format agnostic SBOM tooling☆137Nov 20, 2025Updated 4 months ago
- OpenVEX Specification☆172Jan 16, 2026Updated 3 months ago
- Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON☆652Updated this week
- Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team☆34Feb 2, 2026Updated 2 months ago
- Source for the website providing online SPDX tools☆72Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Repository of workplace for the OpenChain Japan Work Group(JWG)☆10May 23, 2022Updated 3 years ago
- Create SPDX documents automatically with CMake build info☆32May 2, 2021Updated 4 years ago
- FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export contr…☆981Updated this week
- A small application which needs a better name and collects oss-license metadata and combines it☆32Mar 16, 2026Updated last month
- A brief tutorial on how to use Software Package Data Exchange (SPDX)☆144Feb 12, 2024Updated 2 years ago
- A suite of tools to automate software compliance checks.☆1,981Updated this week
- REUSE recommendations, tutorials, FAQ and specification☆18May 27, 2024Updated last year
- Utility that provides an API platform for validating, querying and managing BOM data☆136Jan 2, 2026Updated 3 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆33Jan 19, 2024Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆213Updated this week
- SBOM Search - Context aware search in SBOM repositories☆32Nov 24, 2025Updated 4 months ago
- A rest client using shell scripts for the integration of FOSSology into a CI system☆13Jan 27, 2025Updated last year
- ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Co…☆198Updated this week
- ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party package…☆2,513Mar 20, 2026Updated 3 weeks ago
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.☆2,012Updated this week
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆218Oct 21, 2025Updated 5 months ago