Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include documentation of how SPDX files are created #37

Open
lee0c opened this issue Oct 18, 2021 · 1 comment
Open

Include documentation of how SPDX files are created #37

lee0c opened this issue Oct 18, 2021 · 1 comment
Assignees
@swinslow

Comments

@lee0c
Copy link

lee0c commented Oct 18, 2021
edited

It would be great to see the specific tooling calls used to create each SBOM in the repo to understand how the different styles and specific sets of info are built out.

Or, if they are created manually, it would be worth specifying that somewhere.
@swinslow swinslow self-assigned this Nov 15, 2021
@swinslow
Copy link
Member

Thanks @lee0c! Great suggestion.

For examples 1 through 6, for most of the SPDX documents I started by using the Golang SPDX tools builder and idsearcher packages. I then tweaked the results by hand to add extra data to illustrate the particular example.

For example 7, I believe @nishakm created these by hand.

I'll plan to add a PR to clarify this in the repo docs. Thanks for suggesting it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@swinslow swinslow

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@swinslow @lee0c