Top 3 Java spdx Projects

cyclonedx-maven-plugin

10 273 8.3 Java

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

Project mention: Krita fund has 0 corporate support | news.ycombinator.com | 2023-10-05

As others have already commented:
The US government has added SBOMs to a proposed rule to update the Federal Acquisition Regulation. So if you want to sell to the US Government you'll have to provide SBOMs: https://www.federalregister.gov/documents/2023/10/03/2023-21...
Lots of large companies require SBOMs from their supplier.
In the EU we will get the Cyber Resilience Act which will make them mandatory as well in certain cases: https://data.consilium.europa.eu/doc/document/ST-12536-2023-...
And yes, there's bascially two technical standards to provide them: SPDX and CycloneDX: https://cyclonedx.org/

cyclonedx-gradle-plugin

6 139 8.3 Java

Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
cyclonedx-core-java

1 68 7.9 Java

CycloneDX SBOM Model and Utils for Creating and Validating BOMs

Project mention: Dependency inventory / dashboard for multiple maven projects | /r/java | 2023-06-08

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).