The Software Package Data Exchange® (SPDX®) specification is a standard format for communicating the components, licenses and copyrights associated with a software package.

Announcing the SPDX Report Program

The objective of the SPDX Report program is to create a repository of articles to capture and share community knowledge about anything and everything SPDX.  Submit something today!

SPDX Specification version 2.0

The SPDX 2.0 Specification has been released. It is now the current version of the Specification.



Have a tool that supports SPDX?

We are looking for community and/or commercial tools that support SPDX. If you would like to have a link to your tool click here to see how to submit it.



From the SPDX Workgroup

SPDX Talk at FOSSDEM 2015

Our own Jilayne Lovejoy, Co-Chair for the legal team, gave a talk at FOSSDEM earlier this year on SPDX. Her talk was entitled "Debunking the Myths and Misunderstandings". Take a look, you might learn something new!



Learn about and participate in SPDX

The SPDX Specification

Download the current version

SPDX Version 2.0

This is the current version of the specification

SPDX Tools

Implement SPDX in your organization


OSIT allows developers to scan, self-verify their source code and report during development.


AIRS helps supply chain partners share data regarding identification of open source components in software packages.

Consolidated SPDX Tools and Library

SPDX workgroup tools to support SPDX 2.0 (consolidates all tool functionality into a single download).


The Yocto+SPDX project is built to integrated SPDX generation into the Yocto build process.