Documenting The Software Supply Chain with Linked Data

This repository contains the sample files for the presentation.


All .rdf files are licensed under the Creative Commons Attribution Sharealike 3.0 License. The_Beatles.rdf provided by under same license. "The Beatles" is a registered trademark of Apple Corps Ltd.

All other files are licensed under the Creative Commons Attribution NonCommercial NoDerivatives 3.0 Unported License.


Documenting the Software Supply Chain with Linked Data - The Presentation.

The_Beatles.rdf - Massive set of RDF data in RDF/XML form, where is the subject or the object of every triple. Used to illustrate linked data and RDF concepts.

emptyPackage.rdf - The result of creating a new project with SPDX-edit, where a single empty package is created to represent the AppBOMination project.

PackageRelationship.rdf - The result of adding another package to emptyPackage.rdf. This new package represents the Apache Commons Lang 3.4 package. The AppBOMination package has a static link relationship to this new package.

appBOMination.rdf - A further refinement of PackageRelationship.rdf which adds package file contents. One of the files in this package has its own proprietary license, which has been included into the document.

Tools for SPDX (used in the presentation)

Twinkle - a GUI for SPARQL queries

SPDX Edit - To create simple SPDX by hand

SPDX Tools - Conversion, comparison, verification, etc

Java 8 required to run all of the above.