spdx-examples icon indicating copy to clipboard operation
spdx-examples copied to clipboard

Published 20 hours ago verified publisher icon spdx

Include documentation of how SPDX files are created

Open lee0c opened this issue 4 years ago • 2 comments

It would be great to see the specific tooling calls used to create each SBOM in the repo to understand how the different styles and specific sets of info are built out.

Or, if they are created manually, it would be worth specifying that somewhere.

lee0c avatar Oct 18 '21 20:10 lee0c

Thanks @lee0c! Great suggestion.

For examples 1 through 6, for most of the SPDX documents I started by using the Golang SPDX tools builder and idsearcher packages. I then tweaked the results by hand to add extra data to illustrate the particular example.

For example 7, I believe @nishakm created these by hand.

I'll plan to add a PR to clarify this in the repo docs. Thanks for suggesting it!

swinslow avatar Nov 15 '21 14:11 swinslow

This one is a step by step guide to create SPDX 3.0 document manually: https://spdx.github.io/spdx-spec/v3.0/annexes/getting-started/

bact avatar Jun 17 '24 00:06 bact