Back in 2010, the Linux Foundation first launched its Software Package Data Exchange (SPDX) effort that helps to build out and identify software components in a standardized manner. Since then, use of SPDX has grown, and on May 12 the SPDX 2.0 specification was announced. The new specification aims to be even more comprehensive in helping organizations understand the open-source licenses that are used as part of an application deployment.Over the last several years, a number of large companies have adopted SPDX for internal tracking and sharing of licensing information, according to Jack Manbeck, SPDX Business Team co-chair.
Read more at eWeek.