tools-python
tools-python copied to clipboard
spdx
A Python library to parse, validate and create SPDX documents.
The Github spdx JSON file I got looked like this:  The nesting trips up the parser entirely but is easily fixed.
src/spdx_tools/spdx/parser/jsonlikedict/license_expression_parser.py uses License().parse(expr) directly, rather than get_spdx_licensing().parse(expr) as used in parser/tagvalue/parser.py. The difference results in a different LicenseSymbol for GPl-2.0, e.g. ``` >>> from license_expression import Licensing >>> Licensing().parse('GPL-2.0') LicenseSymbol('GPL-2.0',...
URLs are still valid even if they contain capital letters. See https://datatracker.ietf.org/doc/html/rfc3986 and https://datatracker.ietf.org/doc/html/rfc2234
Update spdx_tools.spdx3.model to the latest in [SPDX v3.0.1](https://spdx.github.io/spdx-spec/v3.0.1/annexes/rdf-model/): - Move Core Profile-related files to their own directories (following current v3 model structure) - from `spdx_tools.spdx3.model` to `spdx_tools.spdx3.model.core` - from `spdx_tools.spdx3.writer.console`...
**Purpose of this PR:** Currently, all `model` in the codebase are implemented as `dataclass` with additional functionality provided by `dataclass_with_properties`. However, this approach causes static type checkers to fail in...
The README says that when using parse_file() from parse_anything.py "Unsuccessful parsing will raise SPDXParsingError with a list of all encountered problems." However, other Exceptions can be raised for very badly...
- Update example to match new directory structure: `tests/data/xxx.json` -> `tests/spdx/data/xxx.json` - Update spec-parser parameters and output directory to current - Remove trailing spaces - Ensure one blank line before...
A fix for issue #827 SPDX 2.3 reference use the term "OPERATING-SYSTEM" instead of "OPERATING_SYSTEM" which is was is output by this library. Documentation: https://spdx.github.io/spdx-spec/v2.3/package-information/#724-primary-package-purpose-field
In SPDX v2.3, Package can have a property "PrimaryPackagePurpose" which support a defined set of value. SPDX reference use "OPERATING-SYSTEM" value while the spdx_tools library output "OPERATING_SYSTEM" with underscore instead...