Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add pkg verification code + checksum clarification #828

Merged
merged 1 commit into from
Jan 24, 2023
Merged

Add pkg verification code + checksum clarification #828

merged 1 commit into from
Jan 24, 2023

Conversation

rnjudge
Copy link
Contributor

@rnjudge rnjudge commented Jan 10, 2023

There had been some confusion around when to use the Package verification code field vs Package checksum. A small group of us got together and tried to provide more clarity around the two fields in a new section, Annex K.3 Verifying SPDX Packages. We also updated the Description and Intent fields for sections 7.9 and 7.10.

Signed-off-by: Jeff Schutt [email protected]
Signed-off-by: Ivana Atanasova [email protected]
Signed-off-by: Nisha Kumar [email protected]
Signed-off-by: Gary ONeall [email protected]
Signed-off-by: Adolfo Veytia [email protected]
Signed-off-by: Rose Judge [email protected]

@rnjudge
Copy link
Contributor Author

rnjudge commented Jan 10, 2023

You can view the markdown version of the changes here:

goneall
goneall requested changes Jan 11, 2023
View reviewed changes
Copy link
Member

@goneall goneall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a couple minor comments - which admittedly apply to the previous text as much as it applies to the proposed changes.

chapters/package-information.md Outdated Show resolved Hide resolved
chapters/package-information.md Outdated Show resolved Hide resolved
goneall
goneall requested changes Jan 17, 2023
View reviewed changes
Copy link
Member

@goneall goneall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 suggested changes to clearly distinguish the Package content from the Package.

chapters/package-information.md Outdated Show resolved Hide resolved
chapters/package-information.md Outdated Show resolved Hide resolved
@rnjudge
Add pkg verification code + checksum clarification
ebc9c60 
There had been some confusion around when to use the Package
verification code field vs Package checksum. A small group of us got
together and tried to provide more clarity around the two fields in a
new section, Annex K.3 Verifying SPDX Packages. We also updated the
`Description` and `Intent` fields for sections 7.9 and 7.10.

Signed-off-by: Jeff Schutt <[email protected]>
Signed-off-by: Ivana Atanasova <[email protected]>
Signed-off-by: Nisha Kumar <[email protected]>
Signed-off-by: Gary ONeall <[email protected]>
Signed-off-by: Adolfo Veytia <[email protected]>
Signed-off-by: Rose Judge <[email protected]>
@kestewart
Copy link
Contributor

Per discussion in call, no objections to it being merged.

@kestewart kestewart merged commit bca2141 into spdx:development/v2.3.1 Jan 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@goneall goneall goneall requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rnjudge @kestewart @goneall