This specification describes the SPDX language, defined as a dictionary of named properties and classes using W3C's RDF Technology. SPDX is a designed to allow the exchange of data about software package. This information includes both lists of files contained in the package and the licensing information related to the contained files or the package as a whole. Licensing information that was discovered directly in the package. This is effectively a union of the licenseInfoInFile properties of all the files contained in the package. Each Package represents a piece software that is delivered as a single unit. Package testing licenseInfoFromFiles Each License represents a software license. This class is used by the SPDX license repository to represent standard license. License testing Each ExtractedLicensingInfo represents a license or licensing notice that was found in the package. Any license text that is recognized as a license may be represented as a License rather than and ExtractedLicensingInfo. ExtractedLicensingInfo testing testing Licensing information that was discovered directly in the subject File. Each File represents a sequence of octets that is contained in a software package. File testing licenseInfoInFile testing The review property relates a SpdxDocument to the review history. Each SdpxDocument represents the results of an analysis of a software package. This is, effectively, the top level of SPDX information. SpdxDocument testing reviewed Each Review represents a signoff by an individual on the information in the SpdxDocument. Review testing testing Indicates that a particular file belongs to a package. hasFile testing Allows the producer(s) of the SPDX document to describe how the package was acquired and/or changed from the original source. sourceInfo testing The date and time at which the SpdxDocument was reviewed. reviewDate UtcXsdDate testing A manifest based hash of the package. This allows consumers of this dataset to determin if a package they have in hand is identical to the package from which the data was produced. This algorithm works even if the SPDX document is included in the package. This algorithm is described in detail in the SPDX spec. packageVerificationCode testing The base name of the package filename. This will often included the package name, version information and archive/compression method. For example, zlib-1.2.5.tar.gz. packageFileName testing The full name of the package including version information. name testing Identifies the version of this specification that was used to produce this SPDX document. specVersion testing Provides a short description of the package. summary testing The full text of the license. licenseText testing Identifies the algorithm used to produce a checksum. Each Checksum is a digest of a file. This digest is produced using a cryptographic hash algorithm which allows the contents of a file to be verified. Checksum testing algorithm testing The licensing that is declared by the authors of the package. licenseDeclared Each ConjunctiveLicenseSet represents set of licenses, or other licensing information, all of which apply. ConjunctiveLicenseSet testing Each DisjunctiveLicenseSet represents set of licenses, or other licensing information, only one of which apply. DisjunctiveLicenseSet testing testing The name and, optionally, contact information of the person who performed the review. reviewer testing The type of the file. fileType testing The name of the file relative to the root of the package. fileName testing Verbatim license or licensing notice text that was discovered. extractedText testing The URI at which this package is available for download. Private (ie, not publicly reachable) URIs are acceptable as values of this property. downloadLocation testing Provides a detailed description of the package. description testing The describesPackage property relates an SpdxDocument to the package which it describes. describesPackage testing The name and, optionally, contact information of a person, organization or tool that created, or was used to create, the SpdxDocument. Each CreationInfo provides information about an individual, organization or tool that was involved in the creation of this SpdxDocument. CreationInfo testing creator testing The creationInfo property relates an SpdxDocument to a set of information about the creation of the SpdxDocument. creationInfo testing The date and time at which the SpdxDocument was created. created testing The checksumValue property provides a digest value produced using a specific algorithm. checksumValue testing Indicates the project in which the file originated. artifactOf testing LicenseSlug 1 1 1 A short name for the license that is made up of ascii characters from the set 'a'-'z', 'A'-'Z', '0'-'9', '+', '_', '.', and '-'. licenseID testing 1 1 1 1 1 1 1 A license, or other licensing information, that is a member of the subject license set. member testing 1 1 1 1 1 The checksum property provides a digest of a File or File. This allows consumers of the SPDX document to verify that the content of the files or package has not changed. checksum testing 1 1 The text of copyright declarations discovered in the package of file. copyrightText testing 1 1 1 1 1 The licensing that the preparer of this SPDX document has concluded, based on the evidence, actual applies to the package. licenseConcluded testing 1 The licenseComments property provides a for the preparer of the SPDX document to describe why the license concluded was chosen. licenseComments testing 1 1 1 1 1 1 1 1 1 1 1 1 1 1