Skip to content

Add module for SPDX information model #4

New issue
New issue
Open
Open
Add module for SPDX information model#4
Labels
enhancementNew feature or request
@aj-stein-gsa

Description

@aj-stein-gsa
aj-stein-gsa
opened on Sep 30, 2024

User Story

As a developer or engineer writing or integrating Metaschema-aware software, in order to better cross-reference and anaylyze supply chain data about relevant software, systems, or services, I would like an information model for processing the SPDX 3.0 (ISO/IEC 5962:2021) bill of material format.

Goals

  • Allow validation, analysis and cross-reference of supply chain data across SPDX data instances
  • Allow cross-reference analysis and validation with SPDX supply chain (target model instances) to a source model instance, preferably OSCAL
  • Allow cross-reference analysis and validation with multiple supply chain format data instances across one another

Dependencies

N/A

Acceptance Criteria

  • All website and readme documentation affected by the changes in this issue have been updated.
  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
  • The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.

Revisions

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions