Software transparency refers to the practice of providing comprehensive and easily accessible information about the components and dependencies within a piece of software, how the software was manufactured, and the behaviors observed or attestations made by the organization that developed the software.
This transparency aims to enhance security, compliance, and overall understanding of supply chain risk. A critical tool in achieving software transparency is a Bill of Materials (BOM), a structured list detailing all software components used in an application. Through software transparency, organizations can better manage software vulnerabilities, track open-source components, and foster a more secure and accountable software development and distribution ecosystem. TC54 aims to standardize core data formats, APIs and algorithms around software transparency information.
This work intends to avoid the use of patents or, where patents are used, to rely only on royalty-free patents. To aid in achieving that objective, this TC is using the Royalty-Free Patent Policy.
# | Name | WorkSpace |
---|---|---|
TC54-TG1 | Transparency Exchange API | https://github.com/Ecma-TC54/tg1 |
TC54-TG2 | Package URL | https://github.com/Ecma-TC54/tg2 |
TC54-TG3 | Common Lifecycle Enumeration | https://github.com/Ecma-TC54/tg3 |
TGs which have accomplished their task.
# | Name | WorkSpace |
---|---|---|