tools-python
tools-python copied to clipboard
spdx
A Python library to parse, validate and create SPDX documents.
The SPDX spec allows for multiple checksums to be provided for Packages and Files, but the current Package and File classes only allow a single value to be specified. See...
Make use of the [license-expression library](https://github.com/nexB/license-expression) to parse complex license expressions in SPDX documents. Signed-off-by: Xavier Figueroa
I see a major gap between the the v2.2 spec and the current python-tool implementation of the JSON format. In https://github.com/Yash-Varshney/tools-python/issues/9 discussion with @Yash-Varshney, @goneall have processed to add spec...
This patch add the sbom_generator utility, which examines a Python project and outputs a SPDX SBOM to standard output. Fixes #171. Signed-off-by: Jeff Licquia
This is a follow up to the closed PR https://github.com/spdx/tools-python/pull/192 by @lhh so we can have a discussion on the issue here. The two commits messages were: - Include filesAnalyzed...
https://github.com/spdx/tools-python/blob/fd6aeba22ec0ad7650571d99db19d2a113ed0782/spdx/parsers/tagvalue.py#L89
Support writing and parsing "filesAnalyzed" into XML/JSON/YAML. Fix parsers to support multiple packages per document. All the tests are passing.
Added pyproject.toml. Renamed console_scripts because their names are too generic to have this package installed into system. Versions are now fetched from git tags.