HTTPS SSH

Documenting The Software Supply Chain with Linked Data

This repository contains the sample files for the presentation.

License

All .rdf files are licensed under the Creative Commons Attribution Sharealike 3.0 License. The_Beatles.rdf provided by dbpedia.org under same license. "The Beatles" is a registered trademark of Apple Corps Ltd.

All other files are licensed under the Creative Commons Attribution NonCommercial NoDerivatives 3.0 Unported License.

Contents

Documenting the Software Supply Chain with Linked Data - The Presentation.

The_Beatles.rdf - Massive set of RDF data in RDF/XML form, where http://dbpedia.org/resource/The_Beatles is the subject or the object of every triple. Used to illustrate linked data and RDF concepts.

emptyPackage.rdf - The result of creating a new project with SPDX-edit, where a single empty package is created to represent the AppBOMination project.

PackageRelationship.rdf - The result of adding another package to emptyPackage.rdf. This new package represents the Apache Commons Lang 3.4 package. The AppBOMination package has a static link relationship to this new package.

appBOMination.rdf - A further refinement of PackageRelationship.rdf which adds package file contents. One of the files in this package has its own proprietary license, which has been included into the document.

Tools for SPDX (used in the presentation)

Twinkle - a GUI for SPARQL queries

SPDX Edit - To create simple SPDX by hand

SPDX Tools - Conversion, comparison, verification, etc

Java 8 required to run all of the above.