SPDX

The purpose of SPDX is to develop and promote adoption of a specification to enable any party in a software supply chain, from the original author to the final end user, to accurately communicate the licensing information for any piece of copyrightable material that such party may create, alter, combine, pass on, or receive, and to make such information available in a consistent, understandable, and re-usable fashion, with the aim of facilitating license and other policy compliance.

Learn More »

OpenChain

OpenChain focuses on identifying and documenting common best practices in compliance programs that should be applied across a supply chain for efficient and effective compliance with open source licenses.

Learn More »