SPDX Project Survey 2019
Software Package Data Exchange® (SPDX®) is an open standard for communicating software bill of material information (including components, licenses, copyrights, and security references).

SPDX reduces redundant work by providing a common format for companies and communities to share important data about software licenses, copyrights, and security references, thereby streamlining and improving compliance.

The SPDX specification is developed by the SPDX workgroup, which is hosted by The Linux Foundation. The grass-roots effort includes representatives from more than 20 organizations—software, systems and tool vendors, foundations  and systems integrators—all committed to creating a standard for software package data exchange formats.
Sign in to Google to save your progress. Learn more
Are you based in a Company,  Non-Profit,   Education/Government, Project or Something Else? *
What geography are you in? *
Do you use SPDX License Identifiers in your source code? *
Are you using the external references for managing security for your software? *
Did you find the information available about producing and consuming SPDX documents sufficient? *
What would help improve our documentation? *
Required
Would you like a regular release cadence for updates to the SPDX Specification? *
Would you like to see the SPDX Specification become a formal standard (ISO, ECMA etc)? *
What do you think is the greatest strength of SPDX?
What do you think is the greatest challenge for SPDX?
Where would you like to see us go tomorrow?
Submit
Clear form
Never submit passwords through Google Forms.
This form was created inside of The Linux Foundation. Report Abuse