Spdx3

A NuGet library (.NET 8) for creating, reading, and writing Software Bills of Materials files in SPDX 3 format.

Note

SPDX3 is primarily intended for tool-writers who want to create their own SBOMs directly and want a compliant data model and serialization utilities to do that.
It's not a utility/tool for inspecting artifacts, deriving SBOM material, or otherwise generating SBOMs for things. However, you can write code do to that inspection/derivation/generation and use this library to hold, serialize, and deserialize the data.

This library provides:

A C# object model for the entire SPDX3 spec
Serialization and deserialization to/from JSON-LD format
Validation
Checking for Lite domain compliance
A full list of pre-created ListedLicense objects that correspond to the SPDX License List

Documentation

Please see here

Name		Name	Last commit message	Last commit date
Latest commit History 276 Commits
.config		.config
.github		.github
Docs		Docs
Examples		Examples
ProduceBuildSbom		ProduceBuildSbom
ProduceSourceSbom		ProduceSourceSbom
Spdx3.Tests		Spdx3.Tests
Spdx3		Spdx3
.gitignore		.gitignore
LICENSE		LICENSE
New-SpdxLicenseList.ps1		New-SpdxLicenseList.ps1
README.md		README.md
Spdx3.sln		Spdx3.sln
global.json		global.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Spdx3

A NuGet library (.NET 8) for creating, reading, and writing Software Bills of Materials files in SPDX 3 format.

Documentation

About

Uh oh!

Releases 19

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Spdx3

A NuGet library (.NET 8) for creating, reading, and writing Software Bills of Materials files in SPDX 3 format.

Documentation

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 19

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Packages