This specification describes the SPDX® language, defined as a dictionary of named properties and classes using W3C's RDF Technology.

SPDX® is a designed to allow the exchange of data about software packages. This information includes general information about the package, licensing information about the package as a whole, a manifest of files contained in the package and licensing information related to the contained files.

Class: SpdxDocument

An SpdxDocument is a summary of the contents, provenance, ownership and licensing analysis of a specific software package. This is, effectively, the top level of SPDX information.

Status:

stable

Properties:

• <a href="#specVersion" rel="owl:onProperty">specVersion</a> Cardinality: Mandatory, one

• <a href="#dataLicense" rel="owl:onProperty">dataLicense</a> Cardinality: Mandatory, one

• <a href="http://www.w3.org/TR/rdf-schema/#ch_comment">rdfs:comment</a> Cardinality: Optional, zero or one

• <a href="#creationInfo" rel="owl:onProperty">creationInfo</a> Cardinality: Mandatory, one

• <a href="#describesPackage" rel="owl:onProperty">describesPackage</a> Cardinality: Mandatory, one

• <a href="#hasExtractedLicensingInfo">hasExtractedLicensingInfo</a> Cardinality: Optional, zero or more

• <a href="#referencesFile" rel="owl:onProperty">referencesFile</a> Cardinality: Mandatory, one or more

• <a href="#reviewed">reviewed</a> Cardinality: Optional, zero or more.

Class: CreationInfo

A CreationInfo provides information about the individuals, organizations and tools involved in the creation of an <a href="#SpdxDocument">SpdxDocument</a>.

Status:

stable

Properties:

• <a href="#creator" rel="owl:onProperty">creator</a> Cardinality: Mandatory, one or more

• <a href="#created" rel="owl:onProperty">created</a> Cardinality: Mandatory, one

• <a href="http://www.w3.org/TR/rdf-schema/#ch_comment">rdfs:comment</a> Cardinality: Optional, zero or one

Class: Package

A Package represents a collection of software files that are delivered as a single functional component.

Status:

stable

Properties:

• <a href="#name" rel="owl:onProperty">name</a> Cardinality: Mandatory, one

• <a href="#versionInfo" rel="owl:onProperty">versionInfo</a> Cardinality: Optional, zero or one

• <a href="#packageFileName" rel="owl:onProperty">packageFileName</a> Cardinality: Optional, zero or one

• <a href="#supplier" rel="owl:onProperty">supplier</a> Cardinality: Optional, zero or one

• <a href="#originator" rel="owl:onProperty">originator</a> Cardinality: Optional, zero or one

• <a href="#downloadLocation" rel="owl:onProperty">downloadLocation</a> Cardinality: Mandatory, one

• <a href="#packageVerificationCode" rel="owl:onProperty">packageVerificationCode</a> Cardinality: Mandatory, one

• <a href="#checksum" rel="owl:onProperty">checksum</a> Cardinality: Optional, zero or one

• <a href="#sourceInfo" rel="owl:onProperty">sourceInfo</a> Cardinality: Optional, zero or one

• <a href="#licenseConcluded" rel="owl:onProperty">licenseConcluded</a> Cardinality: Mandatory, one

• <a href="#licenseInfoFromFiles" rel="owl:onProperty">licenseInfoFromFiles</a> Cardinality: Mandatory, one or more

• <a href="#licenseDeclared" rel="owl:onProperty">licenseDeclared</a> Cardinality: Mandatory, one

• <a href="#licenseComments" rel="owl:onProperty">licenseComments</a> Cardinality: Optional, zero or one

• <a href="#copyrightText" rel="owl:onProperty">copyrightText</a> Cardinality: Mandatory, one

• <a href="#summary" rel="owl:onProperty">summary</a> Cardinality: Optional, zero or one

• <a href="#description" rel="owl:onProperty">description</a> Cardinality: Optional, zero or one

• <a href="#hasFile" rel="owl:onProperty">hasFile</a> Cardinality: Mandatory, one or more

Class: ExtractedLicensingInfo

An ExtractedLicensingInfo represents a license or licensing notice that was found in the package. Any license text that is recognized as a license may be represented as a <a href="#License">License</a> rather than an ExtractedLicensingInfo.

Status:

stable

Properties:

• <a href="#licenseId" rel="owl:onProperty">licenseId</a> Cardinality: Mandatory, one

• <a href="#name" rel="owl:onProperty">name</a> Cardinality: Optional, zero or more

• <a href="#extractedText" rel="owl:onProperty">extractedText</a> Cardinality: Mandatory, one

• <a href="http://www.w3.org/TR/rdf-schema/#ch_comment">rdfs:comment</a> Cardinality: Optional, zero or one

• <a href="http://www.w3.org/TR/rdf-schema/#ch_seealso">rdfs:seeAlso</a> Cardinality: Optional, zero or more

Class: File

A File represents a named sequence of information that is contained in a software package.

Status:

stable

Properties:

• <a href="#fileName" rel="owl:onProperty">fileName</a> Cardinality: Mandatory, one

• <a href="http://www.w3.org/TR/rdf-schema/#ch_comment">rdfs:comment</a> Cardinality: Optional, zero or one

• <a href="#fileType" rel="owl:onProperty">fileType</a> Cardinality: Optional, zero or one

• <a href="#checksum" rel="owl:onProperty">checksum</a> Cardinality: Mandatory, one

• <a href="#licenseConcluded" rel="owl:onProperty">licenseConcluded</a> Cardinality: Mandatory, one

• <a href="#licenseInfoInFile" rel="owl:onProperty">licenseInfoInFile</a> Cardinality: Mandatory, one or more

• <a href="#licenseComments" rel="owl:onProperty">licenseComments</a> Cardinality: Optional, zero or one

• <a href="#copyrightText" rel="owl:onProperty">copyrightText</a> Cardinality: Mandatory, one

• <a href="#artifactOf" rel="owl:onProperty">artifactOf</a> Cardinality: Optional, zero or one

Class: Review

A Review represents an audit and signoff by an individual, organization or tool on the information in an <a href="#SpdxDocument">SpdxDocument</a>.

Status:

stable

Properties:

• <a href="#reviewer" rel="owl:onProperty">reviewer</a> Cardinality: Mandatory, one

• <a href="#reviewDate" rel="owl:onProperty">reviewDate</a> Cardinality: Mandatory, one

• <a href="http://www.w3.org/TR/rdf-schema/#ch_comment">rdfs:comment</a> Cardinality: Optional, zero or one

Class: License

A License represents a copyright license. The <a href="http://spdx.org/licenses">SPDX license list website</a> is annotated with these properties (using <a href="http://www.w3.org/TR/2008/REC-rdfa-syntax-20081014/">RDFa</a>) to allow license data published there to be easily processed.

The license list is populated in accordance with the <a href="http://spdx.org/wiki/spdx-license-list">License List fields guidelines</a>. These guidelines are not normative and may change over time. SPDX tooling should not rely on values in the license list conforming to the current guidelines.

Status:

stable

Properties:

• <a href="#licenseId" rel="owl:onProperty">licenseId</a> Cardinality: Mandatory, one

  A short human readable unique name for the license.

   

• <a href="#name" rel="owl:onProperty">name</a> Cardinality: Optional, zero or one

  A full name, including version if applicable, of the license.

• <a href="#licenseText" rel="owl:onProperty">licenseText</a> Cardinality: Mandatory, one

  Full text of the license.

   

• <a href="#isOsiApproved" rel="owl:onProperty">isOsiApproved</a> Cardinality: Mandatory, one

  Indicates if the <a href="http://opensource.org/">OSI</a> has approved the license.

• <a href="#standardLicenseHeader" rel="owl:onProperty">standardLicenseHeader</a> Cardinality: Optional, zero or one

  License author's preferred text to indicated that a file is covered by the license.

  </>

• <a href="http://www.w3.org/TR/rdf-schema/#ch_comment">rdfs:comment</a> Cardinality: Optional, zero or one

  Factual notes regarding the license such as release date.

• <a href="http://www.w3.org/TR/rdf-schema/#ch_seealso">rdfs:seeAlso</a> Cardinality: Optional, zero or more

  A link to the license on another website.

Class: Checksum

A Checksum is value that allows the contents of a file to be authenticated. Even small changes to the content of the file will change it's checksum. This class allows the results of a variety of checksum and cryptographic message digest algorithms to be represented.

Status:

stable

Properties:

• <a href="#algorithm" rel="owl:onProperty">algorithm</a> Cardinality: Mandatory, one

• <a href="#checksumValue" rel="owl:onProperty">checksumValue</a> Cardinality: Mandatory, one

Class: PackageVerificationCode

A manifest based verification code (the algorithm is defined in section 4.7 of the full specification) of the package. This allows consumers of this data and/or database to determine if a package they have in hand is identical to the package from which the data was produced. This algorithm works even if the SPDX document is included in the package.

Status:

stable

Properties:

• <a href="#packageVerificationCodeExcludedFile">packageVerificationCodeExcludedFile</a> Cardinality: Optional, zero or more

• <a href="#packageVerificationCodeValue" rel="owl:onProperty">packageVerificationCodeValue</a> Cardinality: Mandatory, one

Class: ConjunctiveLicenseSet

A ConjunctiveLicenseSet represents a set of <a href="#AnyLicenseInfo">licensing information</a> all of which apply.

This class refines <a href="http://www.w3.org/TR/rdf-schema/#ch_container">rdfs:Container</a>.

Status:

stable

Properties:

• <a href="#member" rel="owl:onProperty">member</a> Cardinality: Mandatory, two or more.

Class: DisjunctiveLicenseSet

A DisjunctiveLicenseSet represents a set of <a href="#AnyLicenseInfo">licensing information</a> where only one license applies at a time. This class implies that the recipient gets to choose one of these licenses they would prefer to use.

This class refines <a href="http://www.w3.org/TR/rdf-schema/#ch_container">rdfs:Container</a>.

Status:

stable

Properties:

• <a href="#member" rel="owl:onProperty">member</a> Cardinality: Mandatory, two or more.

Class: AnyLicenseInfo

The AnyLicenseInfo class includes all resources that represent licensing information.

Status:

stable

Members

All resources in any of the following classes:

• <a href="#License" rel="rdf:first">License</a>
• <a href="#ExtractedLicensingInfo" rel="rdf:first">ExtractedLicensingInfo</a>
• <a href="#ConjunctiveLicenseSet" rel="rdf:first">ConjunctiveLicenseSet</a>
• <a href="#DisjunctiveLicenseSet" rel="rdf:first">DisjunctiveLicenseSet</a>

Class: SimpleLicenseInfo

The SimpleLicenseInfo class includes all resources that represent simple, atomic, licensing information.

Status:

stable

Members

All resources in any of the following classes:

• <a href="#License" rel="rdf:first">License</a>
• <a href="#ExtractedLicensingInfo" rel="rdf:first">ExtractedLicensingInfo</a>

Property: algorithm

Identifies the algorithm used to produce the subject <a href="#Checksum">Checksum</a>.

Currently, <a href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">SHA-1</a> is the only supported algorithm. It is anticipated that other algorithms will be supported at a later time.

Status:

stable

Domain:

<a href="#Checksum" rel="rdfs:domain">Checksum</a>

Range:

<a href="#checksumAlgorithm_sha1">spdx:checksumAlgorithm_sha1</a>

Property: artifactOf

Status:

stable

Domain:

<a href="#File" rel="rdfs:domain">File</a>

Range:

<a href="http://usefulinc.com/ns/doap#Project" rel="rdfs:range">doap:Project</a>

Property: checksum

The checksum property provides a mechanism that can be used to verify that the contents of a <a href="#File">File</a> or <a href="#Package">Package</a> have not changed.

Status:

stable

Domain:

Any of:

• <a href="#Package" rel="rdf:first">Package</a>
• <a href="#File" rel="rdf:first">File</a>

Range:

<a href="#Checksum" rel="rdfs:range">Checksum</a>

Property: checksumValue

The checksumValue property provides a lower case hexidecimal encoded digest value produced using a specific algorithm.

Status:

stable

Domain:

<a href="#Checksum" rel="rdfs:domain">Checksum</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#hexBinary">xsd:hexBinary</a>

Property: created

The date and time at which the <a href="#SpdxDocument">SpdxDocument</a> was created. This value must in UTC and have 'Z' as its timezone indicator.

Status:

stable

Domain:

<a href="#CreationInfo" rel="rdfs:domain">CreationInfo</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#dateTime">xsd:dateTime</a>

Property: copyrightText

The text of copyright declarations recited in the <a href="#Package">Package</a> or <a href="#File">File</a>.

Status:

stable

Domain:

Any of:

• <a href="#Package" rel="rdf:first">Package</a>
• <a href="#File" rel="rdf:first">File</a>

Range:

Any of:

• <a href="http://www.w3.org/TR/rdf-schema/#ch_literal">rdfs:Literal</a>
• <a href="#none">spdx:none</a>
• <a href="#noassertion">spdx:noassertion</a>

Property: creationInfo

The creationInfo property relates an <a href="#SpdxDocument">SpdxDocument</a> to a set of information about the creation of the <a href="#SpdxDocument">SpdxDocument</a>.

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="#CreationInfo" rel="rdfs:range">CreationInfo</a>

Property: creator

Status:

stable

Domain:

<a href="#CreationInfo" rel="rdfs:domain">CreationInfo</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: dataLicense

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="http://spdx.org/licenses/CC0-1.0" rel="rdf:first">http://spdx.org/licenses/CC0-1.0</a>

Property: describesPackage

The describesPackage property relates an SpdxDocument to the package which it describes.

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="#Package" rel="rdfs:range">Package</a>

Property: description

Provides a detailed description of the package.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: downloadLocation

The URI at which this package is available for download. Private (i.e., not publicly reachable) URIs are acceptable as values of this property.

The values <a href="#none">http://spdx.org/rdf/terms#none</a> and <a href="#noassertion">http://spdx.org/rdf/terms#noassertion</a> may be used to specify that the package is not downloadable or that no attempt was made to determine its download location, respectively.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#anyURI">xsd:anyURI</a>

Property: extractedText

Verbatim license or licensing notice text that was discovered.

Status:

stable

Domain:

<a href="#ExtractedLicensingInfo" rel="rdfs:domain">ExtractedLicensingInfo</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: fileName

The name of the file relative to the root of the package.

Status:

stable

Domain:

<a href="#File" rel="rdfs:domain">File</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: fileType

The type of the file.

Status:

stable

Domain:

<a href="#File" rel="rdfs:domain">File</a>

Range:

One of:

• <a href="#fileType_source"> spdx:fileType_source </a>

  Indicates the file is a source code file.

• <a href="#fileType_archive"> spdx:fileType_archive </a>

  Indicates the file is an archive file.

• <a href="#fileType_binary"> spdx:fileType_binary</a>

  Indicates the file is not a text file. filetype_archive is preferred for archive files even though they are binary.

• <a href="#fileType_other"> spdx:fileType_other</a>

  Indicates the file did not fall into any of the other categories.

Property: hasExtractedLicensingInfo

Indicates that a particular <a href="#ExtractedLicensingInfo">ExtractedLicensingInfo</a> was defined in the subject <a href="#SpdxDocument">SpdxDocument</a>.

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="#ExtractedLicensingInfo" rel="rdfs:range">ExtractedLicensingInfo</a>

Property: hasFile

Indicates that a particular <a href="#File">file</a> belongs to a <a href="#Package">package</a>.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="#File" rel="rdfs:range">File</a>

Property: isOsiApproved

Indicates that a particular <a href="#License">license</a> has been approved by the <a href="http://opensource.org/">OSI</a> as an open source licenses. If this property is true there should be a seeAlso property linking to the OSI version of the license.

Status:

stable

Domain:

<a href="#License" rel="rdfs:domain">License</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#boolean">xsd:boolean</a>

Property: licenseComments

The licenseComments property allows the preparer of the SPDX document to describe why the licensing in <a href="#licenseConcluded">spdx:licenseConcluded</a> was chosen.

Status:

stable

Domain:

Any of:

• <a href="#Package" rel="rdf:first">Package</a>
• <a href="#File" rel="rdf:first">File</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: licenseConcluded

The licensing that the preparer of this SPDX document has concluded, based on the evidence, actually applies to the package.

Status:

stable

Domain:

Any of:

• <a href="#Package" rel="rdf:first">Package</a>
• <a href="#File" rel="rdf:first">File</a>

Range:

Any of:

• <a href="#AnyLicenseInfo" rel="rdf:first">AnyLicenseInfo</a>
• <a href="#none">spdx:none</a>
• <a href="#noassertion">spdx:noassertion</a>

Property: licenseDeclared

The licensing that the creators of the software in the package, or the packager, have declared. Declarations by the original software creator should be preferred, if they exist.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

Any of:

• <a href="#AnyLicenseInfo" rel="rdf:first">AnyLicenseInfo</a>
• <a href="#none">spdx:none</a>
• <a href="#noassertion">spdx:noassertion</a>

Property: licenseId

A short name for the license that is at least 3 characters long and made up of the characters from the set 'a'-'z', 'A'-'Z', '0'-'9', '+', '_', '.', and '-'. Formally, all licenseId values must match the regular expression: [-+_.a-zA-Z0-9]{3,}

Status:

stable

Domain:

• <a href="#License" rel="rdf:first">License</a>
• <a href="#ExtractedLicensingInfo" rel="rdf:first">ExtractedLicensingInfo</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: licenseText

The full text of the license.

Status:

stable

Domain:

<a href="#License" rel="rdfs:domain">License</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: licenseInfoFromFiles

The licensing information that was discovered directly within the package. There will be an instance of this property for each distinct value of all <a href="#licenseInfoInFile">licenseInfoInFile</a> properties of all files contained in the package.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

Any of:

• <a href="#SimpleLicenseInfo" rel="rdf:first">SimpleLicenseInfo</a>
• <a href="#none">spdx:none</a>
• <a href="#noassertion">spdx:noassertion</a>

Property: licenseInfoInFile

Licensing information that was discovered directly in the subject file.

Status:

stable

Domain:

<a href="#File" rel="rdfs:domain">File</a>

Range:

Any of:

• <a href="#SimpleLicenseInfo" rel="rdf:first">SimpleLicenseInfo</a>
• <a href="#none">spdx:none</a>
• <a href="#noassertion">spdx:noassertion</a>

Property: member

A <a href="#License">license</a>, or other licensing information, that is a member of the subject license set.

Status:

stable

Domain:

Any of:

• <a href="#ConjunctiveLicenseSet" rel="rdf:first">ConjunctiveLicenseSet</a>
• <a href="#DisjunctiveLicenseSet" rel="rdf:first">DisjunctiveLicenseSet</a>

Range:

<a href="#AnyLicenseInfo" rel="rdfs:range">AnyLicenseInfo</a>

Refines:

<a href="http://www.w3.org/TR/rdf-schema/#ch_member">rdfs:member</a>

Property: name

The full human readable name of the item. This should include version information when applicable.

Status:

stable

Domain:

Any of:

• <a href="#Package" rel="rdf:first">Package</a>
• <a href="#ExtractedLicensingInfo" rel="rdf:first">ExtractedLicensingInfo</a>
• <a href="#License" rel="rdf:first">License</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Refines:

<a href="http://www.w3.org/TR/rdf-schema/#ch_label">rdfs:label</a>

Property: originator

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a> or the individual <a href="#noassertion">spdx:noassertion</a>

Property: packageFileName

The base name of the package file name. For example, zlib-1.2.5.tar.gz.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: packageVerificationCode

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="#PackageVerificationCode" rel="rdfs:range">PackageVerificationCode</a>

Property: packageVerificationCodeExcludedFile

A file that was excluded when calculating the <a href="#packageVerificationCode">package verification code</a>. This is usually a file containing SPDX data regarding the package. If a package contains more than one SPDX file all SPDX files must be excluded from the package verification code. If this is not done it would be impossible to correctly calculate the verification codes in both files.

Status:

stable

Domain:

<a href="#PackageVerificationCode" rel="rdfs:domain">PackageVerificationCode</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: packageVerificationCodeValue

The actual package verification code as a hex encoded value.

Status:

stable

Domain:

<a href="#PackageVerificationCode" rel="rdfs:domain">PackageVerificationCode</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#hexBinary">xsd:hexBinary</a>

Property: referencesFile

Indicates that a particular file belongs as part of the set of analyzed files in the <a href="#SpdxDocument">SpdxDocument</a>.

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="#File" rel="rdfs:range">File</a>

Property: reviewDate

The date and time at which the <a href="#SpdxDocument">SpdxDocument</a> was reviewed. This value must be in UTC and have 'Z' as its timezone indicator.

Status:

stable

Domain:

<a href="#Review" rel="rdfs:domain">Review</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#dateTime">xsd:dateTime</a>

Property: reviewed

The review property relates a SpdxDocument to the review history.

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="#Review" rel="rdfs:range">Review</a>

Property: reviewer

Status:

stable

Domain:

<a href="#Review" rel="rdfs:domain">Review</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: sourceInfo

Allows the producer(s) of the SPDX document to describe how the package was acquired and/or changed from the original source.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: specVersion

Identifies the version of this specification that was used to produce this SPDX document. The value for this version of the spec is SPDX-1.1. The value SPDX-1.0 may also be supported by SPDX tools for backwards compatibility purposes.

Status:

stable

Domain:

<a href="#SpdxDocument" rel="rdfs:domain">SpdxDocument</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: standardLicenseHeader

Text specifically delineated by the license, or license appendix, as the preferred way to indicate that a source, or other, file is copyable under the license.

Status:

stable

Domain:

<a href="#License" rel="rdfs:domain">License</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: summary

Provides a short description of the package.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Property: supplier

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a> or the individual <a href="#noassertion">spdx:noassertion</a>

Property: versionInfo

Provides an indication of the version of the package that is described by this <a href="#SpdxDocument">SpdxDocument</a>.

Status:

stable

Domain:

<a href="#Package" rel="rdfs:domain">Package</a>

Range:

<a href="http://www.w3.org/TR/xmlschema-2/#string">xsd:string</a>

Individual: checksumAlgorithm_sha1

Indicates the algorithm used was <a href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">SHA-1</a>

Status:

stable

Individual: fileType_archive

Indicates the file is an archive file.

Status:

stable

Individual: fileType_binary

Indicates the file is not a text file. <a href="#fileType_archive">spdx:filetype_archive</a> is preferred for archive files even though they are binary.

Status:

stable

Individual: fileType_other

Indicates the file is not a <a href="#fileType_source">source</a>, <a href="#fileType_archive">archive</a> or <a href="#fileType_binary">binary</a> file.

Status:

stable

Individual: fileType_source

Indicates the file is a source code file.

Status:

stable

Individual: noassertion

Indicates that the preparer of the SPDX document is not making any assertion regarding the value of this field.

Status:

stable

Individual: none

When this value is used as the object of a property it indicates that the preparer of the <a href="#SpdxDocument">SpdxDocument</a> believes that there is no value for the property. This value should only be used if there is sufficient evidence to support this assertion.

Status:

stable