Resumen
The System Package Data Exchange (SPDX) 3.0 is a standard for communicating bill of material information, including: software components; licenses, copyrights; security vulnerabilities, defects, and other quality data; software build information; artificial intelligence (AI) models; datasets; creator, supplier and distributor identity information; provenance and integrity; relationships between system elements; software usage and lifecycle; and mechanisms to enable annotating SPDX elements and linking between multiple SPDX Documents. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance.
Informaciones generales
-
Estado: En desarrolloEtapa: Cierre de la votación [40.60]
-
Edición: 2Número de páginas: 212
-
Comité Técnico :ISO/IEC JTC 1ICS :35.080
- RSS actualizaciones
Ciclo de vida
-
Anteriormente
PublicadoISO/IEC 5962:2021
-
Ahora
