https://bugs.linuxfoundation.org/show_bug.cgi?id=1361

            Bug ID: 1361
           Summary: RDF for external references inconsistent, incomplete
           Product: SPDX
           Version: 2.1
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Spec
          Assignee: [email protected]
          Reporter: [email protected]
    Classification: Unclassified

The "PACKAGE-MANAGER" category is inconsistent with other names, where we use
underscore instead of hyphen (such as "DISTRIBUTION_ARTIFACT" or "DATAFILE_OF"
in relationship).

The categories are not demonstrated in the RDF examples. To demonstrate them,
we would need to, ideally, represent them with URIs, e.g.


    <category rdf:resource="http://spdx.org/rdf/terms#referenceCategory_package_manager" />

This also means categories need to be added to the ontology. 

Lastly, upon further reading, I would recommend separating the "target"
property in RDF into two: "type" and "locator", which are terms we already
define separately. Unlike the tag format, which aims to be readable, the core
tenet of RDF is to be resolvable. This way, type can be represented in RDF by a
URI that can resolve to provide more information about the target. We can
define the vocabulary of that as part of the ontology work for SPDX 2.1 - it
needn't be in the spec.

So an example of a full external reference into a standard repository might
be:

<spdx:Package rdf:about="http://yevster.com/packages/foobar">
    <spdx:externalRef>
        <spdx:ExternalRef>
            <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_package_manager" />
            <spdx:referenceType rdf:resource="http://spdx.org/rdf/refeferences/maven-central" />
            <spdx:referenceLocator>org.apache.commons:commons-lang:3.2.1</spdx:referenceLocator>
        </spdx:ExternalRef>
    </spdx:externalRef>
</spdx:Package>

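Added example, not part of the original report and not SPDX project code: a Python check that reads the RDF shape proposed in the report and flags external references whose category or type is a plain literal instead of a resolvable URI, or whose category name uses a hyphen. The rdf:RDF wrapper, the namespace declarations, the second reference and the function names are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

RDF = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
SPDX = "http://spdx.org/rdf/terms#"

# Constructed sample: the report's example wrapped in rdf:RDF with namespace
# declarations, plus a second, made-up reference showing the reported problems.
SAMPLE = f"""<rdf:RDF xmlns:rdf="{RDF}" xmlns:spdx="{SPDX}">
 <spdx:Package rdf:about="http://yevster.com/packages/foobar">
  <spdx:externalRef><spdx:ExternalRef>
   <spdx:referenceCategory rdf:resource="{SPDX}referenceCategory_package_manager"/>
   <spdx:referenceType rdf:resource="http://spdx.org/rdf/refeferences/maven-central"/>
   <spdx:referenceLocator>org.apache.commons:commons-lang:3.2.1</spdx:referenceLocator>
  </spdx:ExternalRef></spdx:externalRef>
  <spdx:externalRef><spdx:ExternalRef>
   <spdx:referenceCategory rdf:resource="{SPDX}referenceCategory_package-manager"/>
   <spdx:referenceType>maven-central</spdx:referenceType>
   <spdx:referenceLocator>org.example:demo:1.0</spdx:referenceLocator>
  </spdx:ExternalRef></spdx:externalRef>
 </spdx:Package>
</rdf:RDF>"""

def _resource(ref, prop, problems):
    """Return the property's rdf:resource URI, noting why one is absent."""
    el = ref.find(f"{{{SPDX}}}{prop}")
    if el is None:
        problems.append(f"{prop}: missing")
        return None
    uri = el.get(f"{{{RDF}}}resource")
    if uri is None:
        problems.append(f"{prop}: literal, not a resolvable URI")
    return uri

def check_external_refs(rdf_xml):
    """Return one dict per ExternalRef: category, type, locator and problems."""
    out = []
    for pkg in ET.fromstring(rdf_xml).iter(f"{{{SPDX}}}Package"):
        for ref in pkg.iterfind(f"{{{SPDX}}}externalRef/{{{SPDX}}}ExternalRef"):
            problems = []
            category = _resource(ref, "referenceCategory", problems)
            ref_type = _resource(ref, "referenceType", problems)
            locator = (ref.findtext(f"{{{SPDX}}}referenceLocator") or "").strip()
            if category and "-" in category.rsplit("#", 1)[-1]:
                problems.append("referenceCategory: hyphen in name, expected underscore")
            if not locator:
                problems.append("referenceLocator: missing")
            out.append({"package": pkg.get(f"{{{RDF}}}about"), "category": category,
                        "type": ref_type, "locator": locator, "problems": problems})
    return out
```

Calling `check_external_refs(SAMPLE)` returns two records: the report's reference with no problems, and the constructed one with both the literal-type and hyphenated-category findings.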