The issue of open source license compliance is not a difficult one to deal with if you know what to look for.
That’s where the new Software Package Data Exchange (SPDX) standard comes into play. The SPDX 1.0 release is being made at the Linux Foundation’s LinuxCon event in Vancouver. SPDX is a working group of the Linux Foundation.
According to the Linux Foundation, the SPDX standard defines a standard file format that lists detailed license and copyright information for a software package and each file it comprises.
“SPDX solves a problem that came from big trends,” Jim Zemlin, Executive Director of the Linux Foundation told InternetNews.com. “One being the increased used of open source software to create devices and also the increased importance and complexity of software in general.”