Yev Bronshteyn: > This is exactly the point of the filesAnalyzed attribute.
Ah! *Now* I understand your point. Good to know. Is there a URL for the current SDPX draft? So would the text below be a valid LICENCE.spdx file, for someone trying to declare that "spdx-tutorial" was declared to be licensed as "CC-BY-3.0+" by the package originator? Please note that the example below is already excessively long & complex. For example, information like "PackageName" is duplicative (this would be embedded in the project, which already knows its name). I'm seriously thinking about dropping "Creator" (who cares?) and DataLicense (it's so short and structured that it's improbable anyone could enforce rights on it anyway). Using XML is a complete non-starter for this use case. --- David A. Wheeler =========================== SPDXVersion: SPDX-2.0 DataLicense: CC0-1.0 Creator: David A. Wheeler PackageName: spdx-tutorial PackageOriginator: David A. Wheeler PackageHomePage: https://github.com/david-a-wheeler/spdx-tutorial PackageLicenseDeclared: CC-BY-3.0+ FilesAnalyzed: false _______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
