Dear SPDX community, We are approaching the end of the current term for several members of the SPDX Steering Committee. We are reaching out to let the community know about the upcoming nomination and

Pull request not yet approved in GH, so here are the minutes. Sorry they are ugly and indentation isn’t working right. All good in GH. #SPDX General Meeting Minutes - January 5, 2023 ## Administrative

Extending the meeting for 2023…and beyond! Please accept this recurring invitation. “Dial In” info: Join the meeting: https://meet.jit.si/SPDXGeneralMeeting To join by phone instead, tap this: +1.512.

Researchers at Indiana University’s Luddy School of Informatics, Computing, and Engineering are looking for participants in the study of SBOM feature preferences. This is an online and asynchronous st

The Linux Foundation (LF) has launched The State of Open Standards Survey to capture how different organizations are involved in open standards adoption and contribution, with the aim of measuring the

Happy New Year, all. I hope you have a meeting on your calendar for Thursday. In case there is an issue, the conference info is included below. No special presentation this month. Also please note tha

Hello SPDX community! I am the ecosystem manager for Linux Foundation Research and we have recently launched The State of Open Standards Survey to capture how different organizations are involved in o

‘‘SEC. 524B. ENSURING CYBERSECURITY OF DEVICES. ‘‘(3) provide to the Secretary a software bill of 20 materials, including commercial, open-source, and 21 off-the-shelf software components; This text i

Hello Everyone, I’ve heard the SBOM provision that was in the NDAA is under consideration for the Omnibus Bill. I sent written testimony to the Senate Appropriations Committee deliberating the Omnibus

FYI: Please get the word out to restore the SBOM provision in the NDAA. “I don't see why any member of Congress would want to hamstring their own cybersecurity professionals from monitoring and mitiga

Sending this to the SPDX list per Gary’s suggestion at today’s SPDX tech team meeting. . Last Week I attended a FERC-DOE supply chain technical conference and a suggestion was made to host a “SBOM Ven

Dear all, A step forward to automate license processing is to characterize legal terms dealt with by licenses and describe licenses accordingly in order to reach a standardized model. To that end, we

Hi, I'm using the SPDX online validator and I'm trying to understand what this error means. Could someone shed some light on it? Analysis exception processing SPDX file: Unexpected Error: org.spdx.lib

Hi all, One of the suggestions in today’s call for the OpenChain Telco SIG, where we’re discussing proposals for an SBOM standard for the Telecommunications industry, was: > SBOMs conforming to the Te

Hoping to meet some people at this supply chain technical conference in Washington on December 7. Please come out and show your support for SBOM in software supply chains and meet many of the people w

This month we’ll have a couple special presentations. Gary will give a debrief on Wednesday’s docfest. Alexios will walk is through the GitHub 3.0 directories so everyone knows how to contribute. We’d

Dear SPDX Community, The SEMERU research lab from William and Mary is conducting an online survey to understand issues, needs, and opportunities related to software supply chain management through Sof

[this is also available as https://gist.github.com/zvr/c852b4a560ac2c67885c473034cd4a93] # FOSDEM 2023 - SBOM devroom info and CfP ## Overview [FOSDEM] is one of the world's premier meetings of free s

EMEA folks- US had not changed clocks yet, so the meeting time at 11EDT is an hour off from normal for you. We will have a special presentation from Thomas Steenbergen about how we have been evolving

Dear all, I'm wondering why https://spdx.org/licenses/Unicode-TOU.html is (still) part of the license list. Could it be deprecated? 1. First of all, the current text of the "Unicode® Copyright and Ter