Gary O'Neall
Gary O'Neall
> Is it possible to have more than one DESCRIBES relationships in an SPDX document? @Moullisha - Yes - the cardinality is one or more.
> Can an SPDXRef-DOCUMENT describe multiple packages? @Moullisha Yes - the above is syntactically valid. The semantics of the above example is stating the the SPDX document is "about" or...
> Is it safe to say that there should be only one DESCRIBES relationship b/w SPDXRef-DOCUMENT and a top-level package, if the SPDX doc contains only packages/modules contained in a...
I believe this is now resolved. If you disagree, feel free to reopen
My interpretation of the use of these fields is for `NOASSERTION` to be used to indicate "known unknowns" and the `NONE` is a statement that there are no relationships of...
This has been addressed in the 3.0 spec - closing this issue as resolved.
Good question. I just checked the Java tools and the SPDX Spreadsheet converts the `FileDependency` to the `DEPENDS_ON` relationship. Since `DEPENDS_ON` is more general, I believe it would be the...
Closing this as resolved -
Just to clarify - this is tripping on the encoding for the [spdx-schema.json](https://github.com/spdx/spdx-spec/blob/development/v2.3.1/schemas/spdx-schema.json) file? If so, I wonder what character it is tripping on. I would expect only ascii in...
Ping @ty1279 - can you clarify per the comment above?