SPDX Version 2.0


Greetings SPDX Community,

 We are pleased to announce that the penultimate version of the SPDX 2.0 Specification and the new  SPDX License List are ready for community review.  With 2.0 there have been great strides forwards in the expressiveness of an SPDX document through relationships and the license expression syntax.

Any comments regarding the material below should be submitted no later than March 23rd as directed below. We are hoping to finalize the material and officially release it at the April 2nd General Meeting. This should allow you plenty of time to do a thorough review. 

 Background Information


For an overview of the  2.0 requirements you may read this http://wiki.spdx.org/images/SPDX-TR-2014-3.v1.0.pdf

 The Use Cases are documented on the Technical team wiki athttp://wiki.spdx.org/view/Technical_Team/Use_Cases/2.0

 For a presentation given at LinuxCollab in February 2015 on changes to the specification go here. It’s a nice overview.



Specification Review Material


SPDX 2.0 Specification, dated 20150303 is attached below for your convienance. The same file is also available athttp://wiki.spdx.org/view/Technical_Team/SPDX_Specification_Versions as SPDX-2.0rc3.pdf

 The technical team would prefer comments were made in the google doc located athttps://docs.google.com/a/linaro.org/document/d/1wE_zvLU4c291ACi9wIJmQoE4ltKRW4rzM1TYiIvEVOs/edit#heading=h.x7jjfaxtluz1.

Comments may also be directed to the technical team mailing list at mailto: spdx-tech@lists.spdx.org . You will need to be a member of the list to send an email.

The schema for the RDF can be found athttp://spdx.org/rdf/ontology/spdx-2-0-rev-12/ .

The model diagram can be found at  http://wiki.spdx.org/view/Technical_Team/Model_2_0. The model is a great way to see how all the old and new pieces fit together.




The tools for the 2.0 Specification are located in the SPDX GIT repository.

 To try them, you will need to download the source and build them.  You can access the repository here:http://git.spdx.org/?p=spdx-tools.git;a=snapshot;h=refs/heads/develop;sf=tgz

Instructions on building the tools can be found in the README.md file in the root directory of the source tree here: http://git.spdx.org/?p=spdx-tools.git;a=blob_plain;f=README.md;hb=5efe1f1e4727d7d7be48488225b68c65e71b84b9and here: http://spdx.org/publications/tool-documentation/how-to-use-the-software-package-document-exchange-spdx-tools


SPDX License List


The SPDX License List v2.0-rc3 and  can be reviewed at http://spdx.org/licenses/preview/ .  Due to the adoption of the License Expression Syntax, license exceptions have their own sub-list and some licenses have been deprecated.  Information for all of this can be linked to from this page.

The master files for the license list can be found here:  http://git.spdx.org/?p=license-list.git;a=summary

General information about the SPDX License List can be found here: http://spdx.org/spdx-license-list/license-list-overview

 The Matching Guidelines can be found here:http://spdx.org/spdx-license-list/matching-guidelines

 Feedback is welcome and can be sent to: spdx-legal@lists.spdx.org  . You will need to be a member of the list to send an email.


Best regards,


SPDX Technical, Legal and Business Teams



SPDX-2.0rc3.pdf2.83 MB