Skip to main content

Week 2 Meeting and Activities

(June 4, 2024)

Attendees

Discussions

  • I presented the changes after implementing the Core and Software Profiles made in the SPDX v3.0 report in JSON-ld format to the mentor.
  • I discussed with the mentors about the SPDX python tool for validation of v3.0 reports as it was not optimised for v3.0 reports. So, it was decided to look for it later or will perform the validation manually.
  • Next Step: Work on JSON report generation.

Licensing profile use cases

The Licensing profile describes the aspects of licensing for the software application under three categories (sub-directories) - Licensing, SimpleLicensing, and ExpandedLicensing.

The Licensing category describes information about declared licenses and concluded (detected) licenses. The SimpleLicensing category describes information about text-formatted licenses. The ExpandedLicensing category describes information about parseable and machine-readable licenses.

The model image for the Licensing profile.

Activities

  • In this week, I continued to work on the SPDX v3.0 JSON-ld format report generation for Licensing profile.
  • Made a PR#2750 for Generation of SPDX v3.0 report in JSON format.

Sample Implementation of Core and Software Profile

Implemented the following use cases as required by the organization under Core and Software profile:

Person

Tool

File

Package

  • Relationship with Package containing Files

Relationship with Package containing Files

  • SpdxDocument with Files

SpdxDocument with Files