[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

review of current models

Greetings all,


After doing more review of the licensing components for the current SBOM model, I found a few areas which would cause incompatibilities with the SPDX model.  Since we are targeting SPDX 3.0 for these model changes, incompatibilities are allowed – so this may, or may not be an issue.


I would like to do a more thorough review of the model and write up an analysis for this team with some recommendations.  This will take a bit of time and the end of the year is a very busy time for audits, so I likely will not get it out until the first week of January.  I just wanted to give everyone a heads-up that I plan on proposing some changes.


Best regards,




Gary O'Neall

Principal Consultant

Source Auditor Inc.

Mobile: 408.805.0586