I noticed this too! Yesterday I got in contact with GitHub security and I got the name of the person to talk to suggest improvements. I wrote to them and offered to help improve it myself if it has an open source backend or at least create some issues to suggest those improvements.
On Thu, Mar 30, 2023 at 10:32 AM Vargenau, Marc-Etienne (Nokia - FR/Paris-Saclay) <[email protected]> wrote: > Hi, > > > > I did some quick tests. > > I always get invalid SPDX, mostly with “Empty license expression” and “No > SPDX element found for SPDX ID” flagged by the validator. > > > > Does anyone know where to file bugs? > > > > Best regards, > > > > Marc-Etienne > > > > *From:* [email protected] <[email protected]> *On Behalf Of *Manbeck, > Jack via lists.spdx.org > *Sent:* Wednesday, March 29, 2023 10:01 PM > *To:* SPDX-general <[email protected]> > *Subject:* [spdx] GitHub blogged they are creating SBOMs in SPDX format > > Looks like GitHub has a self-service option to create SBOMs for a GitHub > Project based on SPDX! > > See this blog > <https://github.blog/2023-03-28-introducing-self-service-sboms/> from > them. > > > > Best Regards, > > > > Jack Manbeck > > Outreach Chair > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1656): https://lists.spdx.org/g/spdx/message/1656 Mute This Topic: https://lists.spdx.org/mt/97936943/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/21656/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
