The Software Package Data Exchange® (SPDX®) specification (https://spdx.org) is a standard format for communicating the components and licenses associated with software packages. Software Suppliers sometimes use SPDX format to communicate the list of open source components contained in the software they are supplying.
hub-spdx is a utility that generates an SPDX report (RDF format) representing the Bill Of Materials (BOM) of a Black Duck Hub project version.
You can download the latest binary and/or source from GitHub: https://github.com/blackducksoftware/hub-spdx.
All documentation for hub-docker-inspector can be found on our public Black Duck Confluence