UtcXsdDate
LicenseSlug
SpdxDocument
1
describesPackage
The describesPackage
property relates an SpdxDocument
to the package which it describes.
Package
creationInfo
The creationInfo
property relates an SpdxDocument
to a set of information about the creation of the SpdxDocument.
CreationInfo
1
1
sdpxVersion
Identifies the version of this specification that was used to produce this SPDX document.
reviewed
The review
property relates a SpdxDocument
to the review history.
Review
1
1
reviewDate
The date and time at which the SpdxDocument was reviewed.
1
reviewer
The name and, optionally, contact information of the person who performed the review.
licenseInfoFromFiles
Licensing information that was discovered directly in the package. This is effectively a union of the licenseInfoInFile properties of all the files contained in the package.
License
1
licenseId
A short name for the license that is made up of ascii characters from the set 'a'-'z', 'A'-'Z', '0'-'9', '+', '_', and '-'.
1
File
1
1
1
1
1
licenseText
The full text of the license.
ExtractedLicensingInfo
1
1
extractedText
Verbatim license or licensing notice text that was discovered.
checksum
The checksum
property provides a digest of a File
or File
. This allows consumers of the SPDX document to verify that the content of the files or package has not changed.
Checksum
1
checksumValue
The checksumValue
property provides a digest value produced using a specific algorithm.
1
algorithm
Identifies the algorithm used to produce a checksum.
ConjunctiveLicenseSet
DisjunctiveLicenseSet
1
member
A license, or other licensing information, that is a member of the subject license set.
1
packageFileName
The base name of the package filename. This will often included the package name, version information and archive/compression method. For example, zlib-1.2.5.tar.gz
.
1
hasFile
Indicates that a particular file belongs to a package.
1
1
fileName
The name of the file relative to the root of the package.
1
name
The full name of the package including version information.
creator
The name and, optionally, contact information of a person, organization or tool that created, or was used to create, the SpdxDocument.
licenseInfoInFile
Licensing information that was discovered directly in the subject File.
licenseConcluded
The licensing that the preparer of this SPDX document has concluded, based on the evidence, actual applies to the package.
1
sourceInfo
Allows the producer(s) of the SPDX document to describe how the package was acquired and/or changed from the original source.
1
licenseDeclared
The licensing that is declared by the authors of the package.
fileType
The type of the file.
created
The date and time at which the SpdxDocument was created.
1
1
downloadLocation
The URI at which this package is available for download. Private (ie, not publicly reachable) URIs are acceptable as values of this property.
1
1
packageVerificationCode
A manifest based hash of the package. This allows consumers of this dataset to determin if a package they have in hand is identical to the package from which the data was produced. This algorithm works even if the SPDX document is included in the package. This algorithm is described in detail in the SPDX spec.
1
1