Create a native plug-in or extension to a well-known package manager to generate valid SPDX documents based on the information provided in the build metadata files. Examples of package managers include Node Package Manager (NPM), Gradle, Rust Cargo, Ruby Gems, Python pip, and Cocoa Pods. A plugin for Maven has already been developed and can be used as an example.

The plugin should generate a valid SPDX document with minimal configuration required by the user.

Organization

Student

Ekong Obie Philip

Mentors

  • Philippe Ombredanne _
  • Santiago Torres-Arias
  • Kate Stewart
close

2020