Black Duck Software Offers Support for SPDX Version 1.0 [Professional Services Close - Up]
(Professional Services Close - Up Via Acquire Media NewsEdge) Black Duck Software, a global provider of strategy, products and services for automating the management, governance and secure use of open source software, announced support for the release of the Software Package Data Exchange (SPDX) Version 1 open source standard in the Black Duck Suite.
SPDX is an industry standard for communicating the open source components, licenses and copyrights associated with a software package. SPDX provides a uniform approach to documenting and sharing metadata about software packages, making it more efficient for supply chain partners to communicate. The standard's top objective is to help companies comply with software licensing obligations.
Black Duck, which has the largest customer base in the open source code and license management industry, will generate SPDX output as part of the reporting capability of the Black Duck Suite. There will be no additional cost for Black Duck's expanding base of 1,000 customers located in 24 countries.
"As a Black Duck customer and an active supporter of the SPDX standard, Texas Instruments is pleased that Protex now supports SPDX," said Jack Manbeck, manager, Open Source Review Board, TI Texas Instruments. "Having such tools will help the community propagate the use of SPDX and enhance supply chain efficiency." Black Duck co-chairs the Linux Foundation's SPDX Working Group that brings together representatives from open source projects, vendors, and corporate users across the industry and around the globe; the Black Duck technology team actively contributes to the standard.
((Comments on this story may be sent to [email protected])) (c) 2011 ProQuest Information and Learning Company; All Rights Reserved.
Interview with DeviceAnywhere
Interview with nPhase
Interview with 360networks