The Linux Foundation (LF) has launched The State of Open Standards Survey to capture how different organizations are involved in open standards adoption and contribution, with the aim of measuring the

Thanks, Max. I think that “bug” has been there for a while. I will endeavor to eliminate it going forward. Thanks for pointing it out. Phil From:spdx@... <spdx@...> on behalf of Maximilian

Hey Phil, just checked the meeting time and there seems to be an inconsistency: 8am PT / 10 am CT / 11am ET  mapps to  16:00 UTC I assume that 16:00 UTC, as it is the usual time, is

Happy New Year, all. I hope you have a meeting on your calendar for Thursday. In case there is an issue, the conference info is included below. No special presentation this month. Also please

Hello SPDX community! I am the ecosystem manager for Linux Foundation Research and we have recently launched The State of Open Standards Survey to capture how different organizations are involved in

‘‘SEC. 524B. ENSURING CYBERSECURITY OF DEVICES. ‘‘(3) provide to the Secretary a software bill of 20 materials, including commercial, open-source, and 21 off-the-shelf software

Hello Everyone, I’ve heard the SBOM provision that was in the NDAA is under consideration for the Omnibus Bill. I sent written testimony to the Senate Appropriations Committee deliberating the

It’s all moot now. The bill passed the House and Senate today and is on it’s way to the President’s desk. https://www.congress.gov/bill/117th-congress/house-bill/7776/text All of the

You shared this previously https://insidecybersecurity.com/share/14118 I think that's a significant reason. And even as a proponent / agitator of SBOMs myself, I find the arguments they lay out

Eliot, I’m not familiar with the GSA work you mention. Can you provide a pointer to GSA documents indicating that SBOM’s are required. I’ve seen where SBOM’s are required in the

Why? GSA is already specifying SBOMs. And is the list to encourage congressional lobbying? On 16.12.22 20:38, Dick Brooks wrote:

FYI: Please get the word out to restore the SBOM provision in the NDAA. “I don't see why any member of Congress would want to hamstring their own cybersecurity professionals from monitoring

Sending this to the SPDX list per Gary’s suggestion at today’s SPDX tech team meeting. . Last Week I attended a FERC-DOE supply chain technical conference and a suggestion was made to host a

Dear all, A step forward to automate license processing is to characterize legal terms dealt with by licenses and describe licenses accordingly in order to reach a standardized model. To that end, we

Thank you, Gary! I wasn't sure where the right place was to ask this question. Issue submitted with example: https://github.com/spdx/spdx-online-tools/issues/414

Hi Keith, The “Unexpected Error” usually indicates an issue with the validation tool itself. Can you post an issue at https://github.com/spdx/spdx-online-tools/issues and attach a file that

Hi, I'm using the SPDX online validator and I'm trying to understand what this error means. Could someone shed some light on it? Analysis exception processing SPDX file: Unexpected Error:

Having also been in that call I would also like this clarification. The idea behind having this information available is for the recipient to make her or his own judgement on how accurate they expect

Hoping to meet some people at this supply chain technical conference in Washington on December 7. Please come out and show your support for SBOM in software supply chains and meet many of the

Hi Steve, I’m going to include the SPDX tech group on the email thread – sorry to many of you for the duplication. Steve – If you’re a member of that email we can continue the thread