Week 1 meeting and activities
(May 28,2024)
Attendees
Discussions
- I presented the basic SPDX v3.0 JSON-ld format report to the mentors.
- Got a feedback for the implementation of the required fields and profiles in the reports .
- Also was asked to validate the reports generated using the SPDX python tool.
- Next Step: Work on Licensing profile in JSON-ld reports.
Core and software profile use cases
-
Core profile
- The Core profile describes the foundational classes and properties that are used by all profiles of the SPDX model.
-
Software profile
- The Software profile contains information about files, packages, SBOMs, snippets, and artifacts of the software application.
The model image for the Core+Software profile. I have implemented the following use cases as required by the organization for this profile:
- Person
- Agent
- Tool
- File
- Package
- Person with full CreationInfo
- Package with ExternalIdentifier
- Relationship with Package containing Files
- SpdxDocument with Files
Updates
- Started working on SPDX v3.0 JSON-ld format report generation.
- In this week, I targeted to implement Core and Software profiles in this format.