SPDX

The Software Package Data Exchange (SPDX) is an open standard under the Linux Foundation for communicating software bill of materials information including components, licenses, copyrights, and security references. It is an ISO/IEC standard (ISO/IEC 5962) used for software supply chain transparency.

1 APIs 0 Features

LicensingLinux FoundationSBOMStandards

APIs

SPDX API

API for accessing SPDX open standard resources for software bill of materials, license compliance, and software supply chain transparency information.

Resources

Sources

aid: spdx
name: SPDX
description: >-
  The Software Package Data Exchange (SPDX) is an open standard under the Linux Foundation for communicating software bill of materials information including components, licenses, copyrights, and security references. It is an ISO/IEC standard (ISO/IEC 5962) used for software supply chain transparency.
type: Index
position: Consumer
access: 3rd-Party
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
tags:
  - Licensing
  - Linux Foundation
  - SBOM
  - Standards
created: '2026-03-16'
modified: '2026-03-16'
url: >-
  https://raw.githubusercontent.com/api-evangelist/spdx/refs/heads/main/apis.yml
specificationVersion: '0.19'
apis:
  - aid: spdx:spdx-api
    name: SPDX API
    description: >-
      API for accessing SPDX open standard resources for software bill of materials, license compliance, and software supply chain transparency information.
    humanURL: https://spdx.dev/learn/overview/
    tags:
      - Licensing
      - SBOM
    properties:
      - type: Documentation
        url: https://spdx.dev/learn/overview/
common:
  - type: Documentation
    name: SPDX Documentation
    description: Official documentation for SPDX.
    url: https://spdx.dev/learn/overview/
  - type: GitHubOrg
    name: SPDX GitHub
    description: Source code and repositories for SPDX.
    url: https://github.com/spdx
maintainers:
  - FN: Kin Lane
    email: [email protected]