Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix typos in diffs-from-previous-editions.md #18

Merged
merged 7 commits into from
Oct 1, 2024
Merged

Fix typos in diffs-from-previous-editions.md #18

Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
0411bc8
Fix typo: hasDistributionArifact -> hasDistributionArtifact
bact Sep 26, 2024
924b1a3
SpecVersiononly -> SpecVersion only
bact Sep 26, 2024
02768c1
ContentIdentifers -> ContentIdentifiers
bact Sep 26, 2024
3b04902
definingDocument -> definingArtifact
bact Sep 26, 2024
241401a
ExtractedLicenseInfo -> extractedText (in ExtractedLicensingInfo class)
bact Sep 27, 2024
9dd0d04
LicenseInfoInFiles -> LicenseInfoInFile
bact Sep 27, 2024
be4efc7
Add application/spdx+json to SPDX in Content Type table
bact Oct 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 19 additions & 18 deletions docs/diffs-from-previous-editions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ Each ExternalDocumentRef instance will translate as follows:
- An integrity method of “Hash” will be created with the same information as the checksum property and will be referenced using the “verifiedUsing” property on the ExternalMap entry.
- An entry would be created in the ExternalMap for each element referenced in the current SpdxDocument that is originally specified in the referenced SpdxDocument.
- A string identifier consisting of the DocumentRef-[idstring] (the same value as the prefix in the NamespaceMap) concatenated with a “:” and then concatenated with the local portion of the element identifier would be used for the externalSpdxId in the ExternalMap
- A “definingDocument” property would be specified containing a string identifier consisting of the DocumentRef-[idstring] concatenated with a “:” and then concatenated with “SPDXRef-DOCUMENT”. This is a shortcut linkage to tie the referenced element to its defining SpdxDocument for verification and location information.
- A “definingArtifact” property would be specified containing a string identifier consisting of the DocumentRef-[idstring] concatenated with a “:” and then concatenated with “SPDXRef-DOCUMENT”. This is a shortcut linkage to tie the referenced element to its defining SpdxDocument for verification and location information.

##### Rationale

Expand All @@ -51,7 +51,7 @@ The ExternalDocumentRef structure in SPDX 2.3 is based on the presumptions that

The Namespace map structure in SPDX 3.0 fully supports the namespace prefixing use case for SpdxDocuments previously covered by ExternalDocumentRef but also equally covers the same use case capability for all element types and for any number of element identifier namespaces (in SPDX 3.0 all elements within an SpdxDocument are not required to have the same namespace and can actually be any desired mix of namespaces) to support this capability required in SPDX 3.0.

The ExternalMap structure in SPDX 3.0 fully supports the external element (including SpdxDocument elements) referencing use case for SpdxDocuments previously covered by ExternalDocumentRef but also equally covers the same use case capability for any elements whether they were originally defined within an SpdxDocument or not to support this capability required in SPDX 3.0. The ExternalMap structure in SPDX 3.0 provides the ability to specify verification and location details for any element, not just SpdxDocuments, if appropriate but also provides simple linkage, using the “definingDocument'' property, from element entries in the ExternalMap to SpdxDocument entries in the ExternalMap where the elements were defined within the SpdxDocument and verification of the elements can be achieved via proxy to the SpdxDocument “verifiedUsing” information (this is how the SPDX 2.3 ExternalDocumentRef structure currently works).
The ExternalMap structure in SPDX 3.0 fully supports the external element (including SpdxDocument elements) referencing use case for SpdxDocuments previously covered by ExternalDocumentRef but also equally covers the same use case capability for any elements whether they were originally defined within an SpdxDocument or not to support this capability required in SPDX 3.0. The ExternalMap structure in SPDX 3.0 provides the ability to specify verification and location details for any element, not just SpdxDocuments, if appropriate but also provides simple linkage, using the “definingArtifact” property, from element entries in the ExternalMap to SpdxDocument entries in the ExternalMap where the elements were defined within the SpdxDocument and verification of the elements can be achieved via proxy to the SpdxDocument “verifiedUsing” information (this is how the SPDX 2.3 ExternalDocumentRef structure currently works).

#### Agent

Expand Down Expand Up @@ -113,17 +113,17 @@ An example conversion table from SPDX 2.3 `FileType` to SPDX 3.0 `ContentType` o

| SPDX 2 File Type | SPDX 3 Software Purpose | SPDX 3 Content Type |
|------------------|-------------------------|---------------------|
| ARCHIVE | Archive | |
| ARCHIVE | archive | |
| BINARY | | application/octet-stream |
| SOURCE | Source | |
| SOURCE | source | |
| TEXT | | text/plain |
| APPLICATION | Application | |
| APPLICATION | application | |
| AUDIO | | audio/* |
| IMAGE | | image/* |
| VIDEO | | video/* |
| DOCUMENTATION | Documentation | |
| SPDX | | text/spdx |
| OTHER | Other | |
| DOCUMENTATION | documentation | |
| SPDX | | application/spdx+json, text/spdx |
| OTHER | other | |

#### Package File Name

Expand All @@ -133,7 +133,7 @@ The packageFileName property and packageChecksum property has been replaced by a

##### Translating from 2.3 to 3.0

Create an SPDX File with the name from the packageFileName and a verifiedUsing value from the packageChecksum for a single file. If the packageFileName is a directory, then the SPDX File is created with the directory name and is verified using the contentIdentifier property on the File and a fileKind of directory. Create a hasDistributionArifact relationship from the SPDX Package to the SPDX File.
Create an SPDX File with the name from the packageFileName and a verifiedUsing value from the packageChecksum for a single file. If the packageFileName is a directory, then the SPDX File is created with the directory name and is verified using the contentIdentifier property on the File and a fileKind of directory. Create a hasDistributionArtifact relationship from the SPDX Package to the SPDX File.

##### Rationale

Expand All @@ -158,7 +158,7 @@ The following ExternalRef Types should be converted to ExternalIdentifiers:
- swid
- purl

The following ExternalRef Types should be converted to ContentIdentifers:
The following ExternalRef Types should be converted to ContentIdentifiers:

- gitoid
- swh
Expand All @@ -185,15 +185,15 @@ If there is a single ExternalReference of type purl without the optional Externa

##### Rationale

Package URL is a very common method of identifying software packages. Moving this to a property makes it significantly simpler to find and correlate Package URL identifiers.
Package URL is a very common method of identifying software packages. Moving this to a property makes it significantly simpler to find and correlate Package URL identifiers.

#### Annotation

##### Description of Change

Annotations are now subclasses of Element, so it inherits a number of new optional properties including names, annotations, and its own relationships.

Annotations are no longer a property of an Element. It is now a standalone element with a “subject” field which points to the Element being annotated.
Annotations are no longer a property of an Element. It is now a standalone element with a “subject” field which points to the Element being annotated.

##### Translating from 2.3 to 3.0

Expand Down Expand Up @@ -309,7 +309,8 @@ Changing the snippetFromFile from a property to a relationship [to be filled in]

The type of SpecVersion is changed from a simple string without constraints to a SemVer string which must follow the [Semantic Versioning format](https://semver.org/).

This adds a constraint where a patch version is required. Previous usage of the SpecVersiononly included the major and minor version.
This adds a constraint where a patch version is required.
Previous usage of the SpecVersion only included the major and minor version.

##### Translating from 2.3 to 3.0

Expand Down Expand Up @@ -357,23 +358,23 @@ LicenseException

This field has not been used.

#### LicenseInfoInFiles
#### LicenseInfoInFile

##### SPDX 2.3 Model Name

licenseInfoInFiles
licenseInfoInFile

##### Tag/Value Name

LicenseInfoInFiles
LicenseInfoInFile

##### Range / Where Used

Package

##### Rationale

This field is redundant with the declaredLicense property in the Files contained in the Package. It is recommended that the licenseInfoInFiles can be added as an Annotation to the Package in the format: “SPDX 2.X LicenseInfoInFiles: [expression1], [expression2]” where the [expressions] are the string representation of the license expressions.
This field is redundant with the declaredLicense property in the Files contained in the Package. It is recommended that the licenseInfoInFile can be added as an Annotation to the Package in the format: “SPDX 2.X LicenseInfoInFile: [expression1], [expression2]” where the [expressions] are the string representation of the license expressions.

#### FilesAnalyzed

Expand Down Expand Up @@ -689,7 +690,7 @@ Custom Additions have been added in SPDX 3.0 which operate in a similar manner t

##### SPDX 2.3 Model Name

ExtractedLicenseInfo
extractedText

##### Tag/Value Name

Expand Down