lumjjb
commented
1 year ago hmmm, order shouldn't matter in spec, so this would be more for convenience.. but yea i think if its more convenient to have a bit more consistency, dont see why not... however, this could lead to the output document not being reproducible (unless we take the ordering of names followed by SPDX ID if tied).
Besides the reproducibility, i have no issue with changing the order.
When outputting Tag Value format, some elements like Files are being sorted before being output, and these seem to be sorted by SPDXID. This causes a bit of a stability issue that a subsequent run, if an SPDXID is not stable (e.g. someone generating a UUID or other type of hashing function), elements are reordered in unexpected ways.
I believe these elements should be sorted by some type of primary field (like a file name) and subsequently by SPDXID for duplicates.