Fix document-level SPDX identifiers #21
Conversation
twaugh
force-pushed
the
SPDX-Document
branch
2 times, most recently
from
59c21e6 to
a0ed2ed
Compare
|
Ha, I was actually writing this up into the docs and thought about fixing this to resemble something closer to reality. Any reason not to set it to just |
|
Mmm, now I saw the Slack thread about this. Re-reading the SPDX docs, I guess I misunderstood what this value should be set to. It's merely an ID of the document itself that can be used within the relationship objects. The unique identifier of the document in a set of documents should be the documentNamespace then (even though in the JSON schema it's not a required attaibute)? Am I reading the spec wrong? Also, if references are used between two different docs, shouldn't they use the SPDXID value? |
Spec says it has to be that specific string: https://spdx.github.io/spdx-spec/v2.3/document-creation-information/#631-description And yes, documentNamespace is the unique identifier in a document set, and the spec says it is required: https://spdx.github.io/spdx-spec/v2.3/document-creation-information/#65-spdx-document-namespace-field Both of these points are not reflected accurately in the JSON Schema I think.
For externalDocumentRef? It would be something like "my-external-doc:SPDXRef-Document" if you want to refer to the actual document itself. |
Gotcha, and That JSON schema really isn't great... |
It would be the short ID string. So actually it would be more like "DocumentRef-my-doc:SPDXRef-Document". https://spdx.github.io/spdx-spec/v2.3/document-creation-information/#66-external-document-references-field |
No description provided.