feat: Add SPDX header to SpringQL souce files #143
Labels
feat
New feature or request
Comments
|
@thatsdone Thank you for your suggestion. We would like to support it. We believe dependency management should be critically important for system softwares in auto motives and we agree with agree with the objectives of SBOM.
This should be new feature for SpringQL's users since they can manage the dependency to SpringQL following the SPDX spec. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
I'm not sure if this is a feature request or not, but anyway I thought it's a good idea to consider
adding SPDX header lines to SpringQL source code files
so that SpringQL can get ready for SBOM (Software BOM) management requirements
in various industries (such as automotive).
Describe the solution you'd like
Simply add SPDX header lines.
For example, in case of Linux kernel, you can find an example at the top line of kernel/sched/sched.h:
https://github.com/torvalds/linux/blob/master/kernel/sched/sched.h#1
Describe alternatives you've considered
There are various discussions regarding SBOM.
For example,
https://www.openbom.com/blog/software-bill-of-materials-bom-3-reasons-manufacturing-companies-should-start-managing-sbom-in-2021
But, anyway SPDX activity is under the umbrella of the Linux Foundation,
https://spdx.dev/
and it's a part of ISO standard since September 2021:
https://spdx.dev/spdx-specification-is-now-an-iso-standard/
So, I think SPDX is an enough reasonable choice.
The text was updated successfully, but these errors were encountered: