🎙️ Next #OSPO OnRamp Webinar — March 20
🧩How #PURL transforms #OSPO operations w/ Philippe Ombredanne, creator of Package-URL (PURL)
🕥 10:30–12:00 CET
🌐 Join free: https://ospo-alliance.org/news/20260320_onramp_purl_for_ospos/
Software supply chains are more complex than ever — dozens of ecosystems, package managers, and dependencies.
🔍 Keeping track of what’s inside your software stack isn’t easy.
That’s where PURL comes in !
#PURL is an open standard that gives every software package a universal ID.
Whether it’s npm, PyPI, Maven, containers, or OS packages. It provides a consistent, URL-like format to identify them all.
For OSPOs, this means:
✅ Unified license compliance across ecosystems
⚡ Faster vulnerability tracking
🔐 Better governance & supply chain visibility
🤝 Vendor-neutral integration with open tools
You may your questions in advance using our dedicated thread on the OSPO Alliance Forum :
In the March session of the OnRamp webinar, Philippe Ombredanne will introduce Package-URL (PURL) as an open standard that provides a consistent, universal way to identify software packages across ecosystems, addressing critical issues in vulnerability tracking, license compliance, and supply chain security. Philippe, the creator of PURL, will explain its origins and how the specification evolved to balance cross-ecosystem consistency with ecosystem-specific details. Save the date, for a new to...
Eclipse Foundation
OSPO Alliance