Open mrybczyn opened 1 year ago
Hi @mrybczyn, thanks for your interest in the python-tools! :) The problem you encounter is due to the parser only working for SPDX versions 2.2 and 2.3. This library currently only supports writing of SPDX-3.0 documents, but not parsing. There is a proof of concept I did a while ago, which can be found here, but this is very likely outdated by now as the SPDX3 model is still in development.
If you'd like to contribute to this library, please feel free to put up a PR that implements parsing for SPDX-3.0. :)
I have a similar issue but my Github provided document says it's 2.3:
"spdxVersion": "SPDX-2.3",
"creationInfo": {
I'm facing multiple issues with validating SPDX3 files using spdx-tools python version 0.8.1, all related to CreationInfo. I convert them based on spdx_tools.spdx3.bump_from_spdx2.spdx_document. The results is like:
However, the validation run gives:
For information, none of the example files from the model (https://github.com/spdx/spdx-3-model/tree/main/serialization/json_ld) validates, but this is likely expected, taking into account changes in the model.
What path do you recommend to resolve? Fix the file according to the older model or update the module for the new CreationInfo syntax?