ClearlyDefined and its parent organization, the
Open Source Initiative,
are on a mission to help FOSS projects thrive by being,
well, clearly defined.
Lack of clarity around licenses and security vulnerabilities reduces engagement -- that means fewer users, fewer contributors and a smaller community. This is a community-wide challenge that needs a community-wide approach.
The Linux Foundation is a non-profit consortium dedicated
to fostering the growth of Linux. Founded in 2000, The
Linux Foundation sponsors the work of Linux creator Linus
Torvalds and is supported by leading Linux and open source
companies and developers from around the world.
nexB has been a Silver member since 2013. We are a vendor for the Commercial Compliance Tools which is approved by the Linux Foundation.
Software Package Data Exchange
(SPDX) specification is
a standard format for communicating the components, licenses
and copyrights associated with a software package. We are
co-founders of this working group from the Linux Foundation.
The aim of SPDX is to reduce redundant work by providing a common format for companies and communities to share information across the upply chain, thereby streamlining and improving compliance.