SPDX Bake off to compare tools generating code for the SPDX 2.1 specification on October 6, 2016.
|
Kate Stewart
Hi, The SPDX tech team will be hosting an SPDX Tools BakeOff at LinuxCon Europe on 6 October 2016. Participation can be remote by phone or in person. The Bake-off (also known by some as a Plugfest) will focus on comparing SPDX Documents generated with SPDX specification 2.1 features along with answering any questions people may have about the new revision. For more information on how to participate, please read Background info for the SPDX 2.1 Bake-off in LinuxCon Europe. If you have questions, please send email to spdx-tech@... Thanks on behalf of the SPDX tech team, Gary & Kate |
|
|
|
Kate Stewart
Hi Bradley, On Thu, Sep 22, 2016 at 5:30 PM, Bradley M. Kuhn <bkuhn@...> wrote: Kate, There are no licensing requirements for tools themselves to participate in the bake-off, the only requirement is that they are able to produce (and ideally consume) valid SPDX files. We're pleased that FOSSology is going to participate for the first time in one of our bake-off's in Berlin, which is a tool I believe you use already. We've also got listed the community supported tools as well as the commercial tools we know about on our web site, if you want to see the possible participants. All tools (even if they are not listed on the site) are welcome. Hope this helps, Kate |
|
|
|
Sam Ellis <Sam.Ellis@...>
Hi,
Whilst preparing for SPDX bakeoff I noticed a few issues with my interpretation of the specification that may be worth discussion.
Firstly a number of fields in tag files contain arbitrary text enclosed within <text>...</text> tags. I found examples where the text I am including within these tags does itself contain HTML/XML tags from the source document. The inclusion of non-SPDX tags within the <text> tags makes it hard to spot the end of the </text>. This raises the question of whether the text within <text> tags ought to be escaped in some way? I did not find anything on this point in the SPDX specification (apologies if I missed anything).
Secondly, I noticed that in the tag field PackageLicenseInfoFromFiles I am including license exceptions, for example:
PackageLicenseInfoFromFiles: Classpath-exception-2.0
However, I think my use is incorrect. The spec says a license identifier is needed here, and a license exception identifier is not a license identifier. I cannot alternatively use "license WITH exception" here because this is an expression not a license identifier. This raises the question, how should exceptions be represented in PackageLicenseInfoFromFiles, if at all?
I appreciate your thoughts on these issues.
From: spdx-tech-bounces@... [mailto:spdx-tech-bounces@...]
On Behalf Of Kate Stewart
Sent: 22 September 2016 19:58 To: spdx-tech@...; SPDX-general Subject: SPDX Bake off to compare tools generating code for the SPDX 2.1 specification on October 6, 2016.
Hi, The SPDX tech team will be hosting an SPDX Tools BakeOff at LinuxCon Europe on 6 October 2016. Participation can be remote by phone or in person. The Bake-off (also known by some as a Plugfest) will focus on comparing SPDX Documents generated with SPDX specification 2.1 features along with answering any questions people may have about the new revision. For more information on how to participate, please read Background info for the SPDX 2.1 Bake-off in LinuxCon Europe. If you have questions, please send email to spdx-tech@... Thanks on behalf of the SPDX tech team, Gary & Kate
|
|
|