SPDX is one of the three SBOM specifications recommended by NTIA/CISA.
The SPDX team is working on a significant update — SPDX version 3.0, targeted for general availability this fall. SPDX 3.0 packs features that cover new SBOM use cases and simplify existing capabilities.
...