The Journal of Open Law, Technology and Society

The goal of the Software Package Data Exchange (SPDX™) specification is to enable companies and organizations to share license and component information (metadata) for a software package and related content with the aim of facilitating license and other policy compliance. The specification is being developed through collaboration between technical, business and legal professionals from a range of organizations to create a standard that addresses the needs of various participants in the software supply chain.