Software Package Data Exchange (SPDX) is a machine-readable exchange format for license information, components and copyrights. It is based on the Extensible Markup Language (XML) and standardizes, among other things, the license designations of open source software
(OSS), since these are often used differently. By standardizing the license designations for open source software, the SPDX standard contributes to standardization. SPDX files do not contain any information about the software architecture or about the use of the open source software. They do, however, represent the rules under which information about further developments must be provided and the software
must be used. The SPDX specifications were developed by the SPDX working group, which is based at the Linux Foundation. More than 20 different organisations have contributed the basic principles.