"License Clearance in Software Product Governance"


Kate Stewart
 

Just spotted a very nice reference to SPDX in Dirk Riehle's paper, and thought those on the list might find the paper interesting as well. 

http://dirkriehle.com/publications/2017-2/license-clearance-in-software-product-governance/

The first step is to have a standard format for a bill of materials that expresses what is included in a component. For this, the Linux Foundation has sponsored the creation of the Software Package Data Exchange (SPDX) standard [27] and tools for processing the standard [19].
SPDX is rapidly evolving. SPDX compliant documents provide information about what is contained within a software package, including the license information of a contained component, who created the component, its version, etc.


Kate 

Join spdx@lists.spdx.org to automatically receive all group messages.