SpdxDocument 1 The describesPackage property relates an SpdxDocument to the package which it describes. describesPackage Package 1 Identifies the version of this specification that was used to produce this SPDX document. sdpxVersion The creationInfo property relates an SpdxDocument to a set of information about the creation of the SpdxDocument. creationInfo CreationInfo 1 The review property relates a SpdxDocument to the review history. reviewed Review 1 1 The name and, optionally, contact information of the person who performed the review. reviewer 1 The date and time at which the SpdxDocument was reviewed. reviewDate UtcXsdDate Licensing information that was discovered directly in the package. This is effectively a union of the licenseInfoInFile properties of all the files contained in the package. licenseInfoFromFiles License 1 A short name for the license that is made up of ascii characters from the set 'a'-'z', 'A'-'Z', '0'-'9', '+', '_', and '-'. licenseId LicenseSlug 1 File 1 1 1 1 1 The full text of the license. licenseText ExtractedLicensingInfo 1 1 Verbatim license or licensing notice text that was discovered. extractedText Checksum 1 1 The checksumValue property provides a digest value produced using a specific algorithm. checksumValue Identifies the algorithm used to produce a checksum. algorithm 1 1 The base name of the package filename. This will often included the package name, version information and archive/compression method. For example, zlib-1.2.5.tar.gz. packageFileName The date and time at which the SpdxDocument was created. created The name of the file relative to the root of the package. fileName The URI at which this package is available for download. Private (ie, not publicly reachable) URIs are acceptable as values of this property. downloadLocation ConjunctiveLicenseSet DisjunctiveLicenseSet 1 A license, or other licensing information, that is a member of the subject license set. member 1 Indicates that a particular file belongs to a package. hasFile 1 Allows the producer(s) of the SPDX document to describe how the package was acquired and/or changed from the original source. sourceInfo 1 The name and, optionally, contact information of a person, organization or tool that created, or was used to create, the SpdxDocument. creator 1 1 A manifest based hash of the package. This allows consumers of this dataset to determin if a package they have in hand is identical to the package from which the data was produced. This algorithm works even if the SPDX document is included in the package. This algorithm is described in detail in the SPDX spec. packageVerificationCode 1 The full name of the package including version information. name 1 The licensing that the preparer of this SPDX document has concluded, based on the evidence, actual applies to the package. licenseConcluded The licensing that is declared by the authors of the package. licenseDeclared The checksum property provides a digest of a File or File. This allows consumers of the SPDX document to verify that the content of the files or package has not changed. checksum 1 1 The type of the file. fileType 1 1 Licensing information that was discovered directly in the subject File. licenseInfoInFile