Channels ▼
RSS

Open Source

Linux Foundation Workgroup Standardizes Open Source Licensing


The Linux Foundation-sponsored SPDX workgroup has this week announced the release of version 1.0 of its Software Package Data Exchange (SPDX) standard.

The SPDX standard has been laid down to help facilitate compliance with free and open source software licenses by standardizing the way license information is shared across the software supply chain.

The foundation has said that SPDX reduces redundant work by providing a common format for companies and communities to share important data about software licenses and copyrights, thereby streamlining and improving compliance.

SPDX was developed with participation by a wide range of industry and open source community participants, including Black Duck Software, Canonical, HP, Micro Focus, Protecode, and Texas Instruments.

"The SPDX 1.0 standard is an example of how open compliance and collaboration can enable the advancement of Linux and open source software," said Jim Zemlin, executive director of The Linux Foundation.

"We applaud the SPDX workgroup for its important work on providing a consistent way to report and view license information for software technology components, making it even easier for companies to maximize their investments in free and open source software," he added.

Going to some lengths to justify the reason for this announcement, the foundation explained that most technology products today are assembled from multiple components that contain free and open source software, as well as commercial software; these components are created, delivered, and received by companies throughout the supply chain.

Because of the distributed nature and complexity of this "global software supply chain", the foundation asserts that it has become cumbersome and time consuming for each organization to prepare the license information for these components in the multiple distinct formats prescribed by others in their supply chain.

By enabling communities and companies to provide license information in a common format that can be easily analyzed and shared, the SPDX standard is hoped to accelerate the adoption of Linux and other free and open source software across industries, including the consumer electronics marketplace, by easing the burden of compliance through transparent sharing of license information.

The SPDX standard defines a standard file format that lists detailed license and copyright information for a software package and each file it comprises. The SPDX community has also provided open source tools to convert SPDX files to and from spreadsheet formats.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video