OpenLogic, Inc., provider of enterprise open source support and management solutions for the data center and the cloud, today announced the newest version of OLEX Enterprise Edition that now supports the Software Package Data Exchange (SPDX) specification to streamline compliance activities for companies using and distributing open source software. In addition, OpenLogic is the first scanning vendor to create and freely share SPDX files for commonly used projects.
 
The SPDX specification, developed by the SPDX workgroup and hosted by the Linux Foundation, is a grass-roots effort including representatives from more than 20 software organizations, foundations and system integrations. The SPDX specification streamlines compliance by standardizing the way license information is shared across the software supply chain through a common file format about software licenses and copyrights.
 
“OpenLogic has been a leader in developing the SPDX specification and was one of six companies to participate in the SPDX beta program,” said Steve Grandchamp, CEO of OpenLogic. “We support the community coming together like this to make compliance easier and ultimately promoting the growth of open source software in the enterprise. SPDX provides a software ‘ingredient label’ for everyone in the software supply chain to know what they are receiving and possibly passing along to others.”
 
OpenLogic OLEX Enterprise Edition users can now identify open source software packages using OpenLogic’s free open source scanner OSS Discovery and then review and reconcile the open source packages to create a Bill of Materials and Bill of Licenses to facilitate compliance.  With this release, OLEX can automatically generate an SPDX file. When appropriate, this SPDX file can then be shared with supply chain partners and end users of the software.
 
OpenLogic is also the first scanning vendor to create SPDX files for commonly used projects and make them freely available for download, including Android Cupcake, Android Donut, Apache Lucene, BusyBox, Cacti and Linux DVB.
 
OpenLogic will conduct a one-hour webinar on Wednesday, April 11 at 11 a.m. PT entitled “Using SPDX to Streamline Open Source Compliance.” In this webinar, OpenLogic will give an overview of the SPDX standard, how SPDX fits into an overall compliance process and tips for implementing SPDX. Register here: http://www.openlogic.com/news/events.php.