THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Technical Team/Use Cases/2.0

From SPDX Wiki
< Technical Team
Revision as of 17:31, 27 March 2012 by Eaw (Talk | contribs)

Jump to: navigation, search

We have several sources to begin pulling for SPDX Use Cases:

  1. The Pad from earlier conversations collected at <a href="http://spdx.org/wiki/use-cases-collected-20-discussion">Use Cases For SPDX 2.0 Discussion</a>
  2. The old <a href="https://fossbazaar.org/wiki/spdx-use-case-1">SPDX 1.0 Use Cases</a> as well as the <a href="http://spdx.org/system/files/ecosystem.jpg">SDPX 1.0 Use Case Picture</a>.
 
I'd like to propose that we flesh out use cases here by having a brief summary listed here as a link to a more detailed child page.   Note, these use cases should be *doable* but in general not *required*.  Any item listed here that is not a link, should have a child page created for it.
 
  1. Upstream maintainer providing SPDX data
  2. Upstream maintainer consuming another project
    1. Upstream maintainer including another project by including source
    2. Upstream maintainer including another project by reference (think maven, possibly linking cases)
    3. Upstream maintainer pulling individual files out of another project (subsetting)
  3. Intermediate packager (rpm, deb, etc) passing on and adding to SPDX Data
    1. Intermediate packager subsetting upstream package
  4. Aggregator aggregating many packages for redistribution
    1. Linux Distros
    2. Embedded Images
    3. SDKs
    4. Reference implementations
    5. Eclipse/OSGI distributions
  5. Aggergators aggregating other aggrgations for redistribution
  6. Asserting corrections to SPDX data provided by others further upstream
  7. Committers providing, or assenting to SPDX data
  8. Consumers receiving SPDX data
 

Cross-cutting concerns:

  1. Provenance (the need to optionally use signing to validate who said what)
 

Themes:

 
Looking at these Use Cases, there are some underlying themes:
  1. Root of data (closer to upstream the better)
  2. Subsetting of copyrightable things (and their SPDX data) (Note: Subsets of copyrightable things are usually also copyrightable things)
  3. Aggregation of copyrightable things (and their SPDX data) (Note: Aggregations of copyrightable things are usually also copyrightable things).
 
 

 

Retrieved from "https://wiki.spdx.org/index.php?title=Technical_Team/Use_Cases/2.0&oldid=1498"