Maximilian, You can use NOASSERTION as the value for all these fields if you don’t have any concrete data to specify.
Either way, we should cover this scenario in the best practices document we shall release sometime after the second coming. Yev On 1/4/17, 4:14 PM, "Maximilian Huber" <[email protected]> wrote: I have also also already thought about encoding the sub-archive as its own package. But I think that packages have to many mandatory fields for this, e.g.: - PackageDownloadLocation - PackageLicenseConcluded - PackageLicenseDeclared I do not think that these data can be filled canonically. Best regards Maximilian On Mi, 04. Jan 18:21, Yev Bronshteyn wrote: > What I would do is define a package to represent the contents of the zip file, complete with verification code etc. The package could then have an EXPANDED_FROM_ARCHIVE relationship to the archive file. > > The archive file could also have a CONTAINS relationship to the package (although, per prior discussion, we really should add an inverse relationship for EXPANDED_FROM_ARCHIVE). > > > > On 1/4/17, 12:31 PM, "[email protected] on behalf of [email protected]" <[email protected] on behalf of [email protected]> wrote: > > Hi Maximilian, > > I don't know of any specified way to represent files inside of an unexpanded archive within SPDX. I could see this being a useful feature to add, but we would need to consider whether we would require all files to be included and if we include those files in the list of checksums and verification codes. > > Regards, > Gary > > > -----Original Message----- > > From: [email protected] [mailto:spdx-tech- > > [email protected]] On Behalf Of Maximilian Huber > > Sent: Tuesday, January 3, 2017 1:43 AM > > To: [email protected] > > Subject: Question on representation of paths of files contained in archives > > > > Hello spdx-tech@, > > > > I am currently working on the SPDX generation of FOSSology and I have a > > question regarding the representation of filepaths in SPDX files. > > > > The example is an archive containing another archive: > > example.tar.gz > > └── subExample.tar.gz > > where the inner archive subExample.tar.gz only contains a single LICENSE file, > > i.e.: > > subExample.tar.gz > > └── LICENSE > > > > In FOSSology the full qualified path of the file LICENSE would be: > > > > example.tar.gz/example.tar/example/subExample.tar.gz/subExample.tar/subExample > > /LICENSE > > > > Is there a SPDX equivalent of this path? > > How to replace the placeholder in the following line? > > example/<???>/LICENSE > > > > Best regards > > Maximilian > > > > -- > > Maximilian Huber * [email protected] * +49-174-3410223 TNG > > Technology Consulting GmbH, Betastr. 13a, 85774 Unterföhring > > Geschäftsführer: Henrik Klagges, Christoph Stock, Dr. Robert Dahlke > > Sitz: Unterföhring * Amtsgericht München * HRB 135082 > > _______________________________________________ > Spdx-tech mailing list > [email protected] > https://lists.spdx.org/mailman/listinfo/spdx-tech > > -- Maximilian Huber * [email protected] * +49-174-3410223 TNG Technology Consulting GmbH, Betastr. 13a, 85774 Unterföhring Geschäftsführer: Henrik Klagges, Christoph Stock, Dr. Robert Dahlke Sitz: Unterföhring * Amtsgericht München * HRB 135082 _______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
