This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:
The following Wikipedia contributor has declared a personal or professional connection to the subject of this article. Relevant policies and guidelines may include conflict of interest, autobiography, and neutral point of view.
In the 01-07-2021 SPDX General meeting, we heard a complaint that the available information about SPDX on Wikipedia is outdated. We may have SPDX volunteers providing new updated information. 47.16.167.68 (talk) 15:57, 1 July 2021 (UTC)
This edit request by an editor with a conflict of interest was declined.
Greetings! I am a member of the SPDX Working Group. We've noticed that the description of SPDX is quite out of date and doesn't really reflect what SPDX is today, and as such we would like to propose an update to the page. An updated lead section is on my personal namespace - please could an editor have a look at this? We've tried to be unbiased and encyclopaedic; of course if anything escaped my notice I would very much appreciate feedback. Please note: I'm a volunteer, although some others who helped write this draft are paid by their respective employers to work on SPDX in a general sense. Seabass-labrax (talk) 15:07, 20 August 2021 (UTC)
Hello! I'd like to suggest some edits to the lead section of the page in order to better reflect the topic.
The first paragraph would be changed from
Software Package Data Exchange (SPDX)[1] is a file format used to document information on the software licenses under which a given piece of computer software is distributed. SPDX is authored by the SPDX Working Group, which represents more than twenty different organizations, under the auspices of the Linux Foundation.[2]
to
Software Package Data Exchange (SPDX) is an open standard for software bill of materials (SBOM).[1] SPDX allows the expression of components, licenses, copyrights, security references and other metadata relating to software.[2] Its original purpose was to improve license compliance,[3] and has since been expanded to facilitate additional use-cases, such as supply-chain transparency and security.[4] SPDX is authored by the community-driven SPDX Project under the auspices of the Linux Foundation.
Here are the references for the proposed lead section:
{{ cite web | last = Stewart | first = Kate | url = https://www.linuxfoundation.org/blog/spdx-its-already-in-use-for-global-software-bill-of-materials-sbom-and-supply-chain-security/ | title = SPDX: It’s Already in Use for Global Software Bill of Materials (SBOM) and Supply Chain Security | publisher = Linux Foundation | date = May 25, 2021 | access-date = 2021-08-13 }}
{{ cite web | url = https://www.ntia.gov/files/ntia/publications/ntia_sbom_formats_and_standards_whitepaper_-_version_20191025.pdf#page9 | title = Survey of Existing SBOM Formats and Standards | publisher = [[National Telecommunications and Information Administration]] | date = October 25, 2019 | page = 9 | access-date = 2021-08-13}}
{{cite web | last = Bridgwater | first = Adrian | url = https://www.computerweekly.com/blog/Open-Source-Insider/Linux-Foundation-eases-open-source-licensing-woes | title = Linux Foundation eases open source licensing woes | publisher = [[Computer Weekly]] | date = August 19, 2011 | access-date = 2021-08-13 }}
{{ cite web | last = Rushgrove | first = Gareth | url = https://snyk.io/blog/advancing-sbom-standards-snyk-spdx/ | title = Advancing SBOM standards: Snyk and SPDX | date = June 16, 2021 | access-date = 2021-08-14}}
The second paragraph would be removed, as bill of materials would have already been mentioned. The third paragraph would be moved into the 'License syntax' section, as it is specific to the licensing use-case of SPDX.
Thanks! Seabass-labrax (talk) 20:59, 12 September 2021 (UTC)