Do you want to archive old emails now? We’ve all seen the prompt and many of us choose to consign thousands of emails to an uncertain fate, protected (somewhere) in case we should ever need to cover our arses in some future argument. But this paints a very limited and negative picture of the importance and indeed relevance of archives. Today archives are associated with rearward-facing research, often seeking to uncover a truth long after alternative facts have taken hold.

The DevOps, IT security and IT governance communities will remember 2021 as the year when the Software Bill of Materials , or SBOM, graduated from a “nice to have” to a “must have.” Around for years, the SBOM has now become a critical DevSecOps piece, which everyone must thoroughly understand and incorporate into their SDLC (Software Development Lifecycle).

Many people will have heard of the SPDX project through the work on the SPDX License List. This list of canonical identifiers for various software licenses is used in a huge range of developer-focused software, from Snyk to GitHub. But the SPDX project, which is part of the Linux Foundation, has a much broader focus on providing an open standard for communicating software bill of material information.