Hi Gary,
Thanks for reply, then SPDXID will be mostly internal ID and can not be
referenced externally, Do you think this might need some change in SPDXID
documentation statement ?
"Uniquely identify any element in an SPDX document which may be referenced by
other elements. These may be
Hi ,
Is there any roadmap to integrate VEX to with SPDX ? Or is there already way
in current SPDX specification to integrate vulnerability information ?
Regards
Sandeep
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#1528):
Hi ,
Is there any document reference which can be used to see mapping between SPDX
tags and NTIA Minimum elements ?
Some element names can be easily confused , something like "Author of SBOM
Data" in NTIA Minimum elements and "Creator" tag in SPDX are those same ?
Regards
Sandeep
lists.spdx.org<mailto:spdx@lists.spdx.org>
mailto:spdx@lists.spdx.org>> On Behalf Of Patil, Sandeep
via lists.spdx.org
Sent: Monday, May 16, 2022 12:10 PM
To: spdx@lists.spdx.org<mailto:spdx@lists.spdx.org>
Subject: [spdx] SPDX and NTIA SBOM Minimum elements #spdx
Hi ,
Is there any docum
Hi ,
I have query regarding SPDXID , Can this be expressed along with CPE or pURL
something like
"SPDXRef-[cpe id]" or "SPDXRef-[pURL]"
Any further guidance on this will help.
Regards
Sandeep
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online
Hi ,
What is the license type that needs be used in spdx for 3 rd parties with
proprietary licenses (e.g., Microsoft)?
Regards
Sandeep
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#1540): https://lists.spdx.org/g/spdx/message/1540
Mute This
Hi All,
We have requirement to specify End Of Life as part of package information in
SBoM ,
Is there way current SPDX format support this ?
Regards
Sandeep
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#1509):
Hi All,
Is there any guidelines to sign SPDX file ?
Regards
Sandeep
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#1578): https://lists.spdx.org/g/spdx/message/1578
Mute This Topic: https://lists.spdx.org/mt/92889362/21656
Mute
Hi All,
We are excited to announce that we have open sourced our SBoM Merge tool on
GitHub. This tool allows you to merge multiple Software Bills of Materials
(SBOMs) into a single SBOM file in SPDX format. It provides shallow and deep
merge options. This can help you gain a comprehensive view
Hi All,
Please count me as well, I can contribute in development.
Regards
Sandeep
From: Spdx-tech@lists.spdx.org On Behalf Of Alexios
Zavras via lists.spdx.org
Sent: Wednesday, May 11, 2022 12:33 AM
To: Spdx-tech@lists.spdx.org
Subject: [spdx-tech] Python SPDX lib user needed...
You don't
10 matches
Mail list logo