I have also also already thought about encoding the sub-archive as its own package. But I think that packages have to many mandatory fields for this, e.g.: - PackageDownloadLocation - PackageLicenseConcluded - PackageLicenseDeclared
I do not think that these data can be filled canonically. Best regards Maximilian On Mi, 04. Jan 18:21, Yev Bronshteyn wrote: > What I would do is define a package to represent the contents of the zip > file, complete with verification code etc. The package could then have an > EXPANDED_FROM_ARCHIVE relationship to the archive file. > > The archive file could also have a CONTAINS relationship to the package > (although, per prior discussion, we really should add an inverse relationship > for EXPANDED_FROM_ARCHIVE). > > > > On 1/4/17, 12:31 PM, "[email protected] on behalf of > [email protected]" <[email protected] on behalf of > [email protected]> wrote: > > Hi Maximilian, > > I don't know of any specified way to represent files inside of an > unexpanded archive within SPDX. I could see this being a useful feature to > add, but we would need to consider whether we would require all files to be > included and if we include those files in the list of checksums and > verification codes. > > Regards, > Gary > > > -----Original Message----- > > From: [email protected] [mailto:spdx-tech- > > [email protected]] On Behalf Of Maximilian Huber > > Sent: Tuesday, January 3, 2017 1:43 AM > > To: [email protected] > > Subject: Question on representation of paths of files contained in > archives > > > > Hello spdx-tech@, > > > > I am currently working on the SPDX generation of FOSSology and I have a > > question regarding the representation of filepaths in SPDX files. > > > > The example is an archive containing another archive: > > example.tar.gz > > └── subExample.tar.gz > > where the inner archive subExample.tar.gz only contains a single > LICENSE file, > > i.e.: > > subExample.tar.gz > > └── LICENSE > > > > In FOSSology the full qualified path of the file LICENSE would be: > > > > > example.tar.gz/example.tar/example/subExample.tar.gz/subExample.tar/subExample > > /LICENSE > > > > Is there a SPDX equivalent of this path? > > How to replace the placeholder in the following line? > > example/<???>/LICENSE > > > > Best regards > > Maximilian > > > > -- > > Maximilian Huber * [email protected] * +49-174-3410223 TNG > > Technology Consulting GmbH, Betastr. 13a, 85774 Unterföhring > > Geschäftsführer: Henrik Klagges, Christoph Stock, Dr. Robert Dahlke > > Sitz: Unterföhring * Amtsgericht München * HRB 135082 > > _______________________________________________ > Spdx-tech mailing list > [email protected] > https://lists.spdx.org/mailman/listinfo/spdx-tech > > -- Maximilian Huber * [email protected] * +49-174-3410223 TNG Technology Consulting GmbH, Betastr. 13a, 85774 Unterföhring Geschäftsführer: Henrik Klagges, Christoph Stock, Dr. Robert Dahlke Sitz: Unterföhring * Amtsgericht München * HRB 135082
signature.asc
Description: PGP signature
_______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
