I completed updating the spreadsheets and adding issues for all of the proposed changes in the SBOM SPDX Compatibility Analysis.
Anything I thought was structure, I added an issue – the complete list of SBOM issues can be found here: https://github.com/cdfoundation/sig-security-sbom/issues
There is a total of 12 issues added. Not all of the issues are the same priority or difficulty. I would recommend we start our Monday discussion with the external document reference issue: https://github.com/cdfoundation/sig-security-sbom/issues/10
I updated the classes attributes spreadsheet. I prefixed the comment with SPDX: if it is directly related to SPDX compatibility and with GO: if it is just my opinion (my initials). There is a total of 21 suggested changes between Philippe, SPDX analysis, and myself.
The enumerations literals sheet has also been updated. I added a sheet with all SPDX relationship types to make it easier to compare. There are 11 proposed changes to the sheet.
I also added an issue to the SPDX specification to track adding artifactType as a required attribute in SPDX 3.0: https://github.com/spdx/spdx-spec/issues/171