Ben, On Wed, Feb 7, 2018 at 6:29 AM, Ben Boyter <[email protected]> wrote: > Hi All, > > First time using the lists for me, but I have been somewhat involved with > SPDX for a while now. I am in the middle of implementing at SPDX 2.1 > automated parser and am seeing come clarification of the Package > Verification Code logic > > https://spdx.org/spdx-specification-21-web-version#h.2p2csry > > The algorithm as listed seems incomplete. I was wondering if there was an > example implementation in something like Python or otherwise that can be > used as a reference? If not can there be a better spec of is listed and I > will be happy to build an implementation to work with. > > Hoping someone has one lying around.
Hey Ben! Good to see around! If you want my take, these codes are a major PITA. Especially in the case where you want to provide data about a package and do not care much about having ultra precision and self-verifiable content and instead want something that is good enough and uses the SPDX format. With that said they are computed alright in the Python library [1] in this function [2] [1] https://github.com/spdx/tools-python [2] https://github.com/spdx/tools-python/blob/a48022e65a8897d0e4f2e93d8e53695d2c13ea23/spdx/package.py#L233 -- Cordially Philippe Ombredanne +1 650 799 0949 | [email protected] DejaCode - What's in your code?! - http://www.dejacode.com AboutCode - Open source for open source - https://www.aboutcode.org nexB Inc. - http://www.nexb.com _______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
