### Correct SPDX License Identifier Source: https://github.com/spdx/tools-golang/blob/main/testdata/project4/has-mix-of-ids.txt This example shows a correctly formatted SPDX license identifier that should be recognized. ```go // SPDX-License-Identifier: MIT ``` -------------------------------- ### Build SPDX Document from Directory Source: https://context7.com/spdx/tools-golang/llms.txt Uses the builder package to scan a directory, compute hashes, and generate an SPDX document. Requires configuring the builder with namespace, creator info, and ignored paths. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/builder" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Configure the builder config := &builder.Config{ // Namespace prefix for the document NamespacePrefix: "https://example.com/spdx/", // Creator information CreatorType: "Organization", Creator: "Example Corp", // Paths to ignore when scanning PathsIgnored: []string{ "/.git/", // Ignore .git directory "**/__pycache__/", // Ignore all __pycache__ directories "**/.DS_Store", // Ignore all .DS_Store files "/node_modules/", // Ignore node_modules "**/*.log", // Ignore all log files }, } // Build SPDX document for the directory packageName := "my-project" dirPath := "/path/to/project" doc, err := builder.Build(packageName, dirPath, config) if err != nil { fmt.Printf("Error building SPDX document: %v\n", err) return } fmt.Printf("Successfully created SPDX document for %s\n", packageName) fmt.Printf("Package verification code: %s\n", doc.Packages[0].PackageVerificationCode.Value) fmt.Printf("Number of files: %d\n", len(doc.Packages[0].Files)) // Save the document fileOut, err := os.Create("sbom.spdx") if err != nil { fmt.Printf("Error creating output file: %v\n", err) return } defer fileOut.Close() err = tagvalue.Write(doc, fileOut) if err != nil { fmt.Printf("Error writing SPDX file: %v\n", err) return } fmt.Println("Successfully saved SBOM") } ``` -------------------------------- ### Build SPDX document from directory Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Creates an SPDX document for a directory's contents, including file hashes and verification codes. ```bash go run example_build.go project2 ../../testdata/project2 test.spdx ``` -------------------------------- ### Create and Save an SPDX Document Programmatically Source: https://context7.com/spdx/tools-golang/llms.txt Constructs a new SPDX document structure and writes it to a file using the tag-value format. ```go package main import ( "fmt" "time" "github.com/spdx/tools-golang/spdx" "github.com/spdx/tools-golang/spdx/v2/common" "github.com/spdx/tools-golang/tagvalue" "os" ) func main() { // Create a new SPDX document programmatically doc := &spdx.Document{ SPDXVersion: spdx.Version, // "SPDX-2.3" DataLicense: spdx.DataLicense, // "CC0-1.0" SPDXIdentifier: common.ElementID("DOCUMENT"), DocumentName: "Example SBOM", DocumentNamespace: "https://example.com/spdx/example-sbom-1.0", CreationInfo: &spdx.CreationInfo{ Created: time.Now().UTC().Format("2006-01-02T15:04:05Z"), Creators: []common.Creator{ {CreatorType: "Tool", Creator: "my-sbom-generator-1.0"}, {CreatorType: "Organization", Creator: "Example Corp"}, }, LicenseListVersion: "3.19", }, Packages: []*spdx.Package{ { PackageName: "example-lib", PackageSPDXIdentifier: common.ElementID("Package-example-lib"), PackageVersion: "1.2.3", PackageDownloadLocation: "https://github.com/example/example-lib/archive/v1.2.3.tar.gz", FilesAnalyzed: false, PackageLicenseConcluded: "MIT", PackageLicenseDeclared: "MIT", PackageCopyrightText: "Copyright 2024 Example Corp", PackageChecksums: []common.Checksum{ {Algorithm: spdx.SHA256, Value: "abc123..."}, }, PackageExternalReferences: []*spdx.PackageExternalReference{ { Category: spdx.CategoryPackageManager, RefType: spdx.PackageManagerPURL, Locator: "pkg:npm/example-lib@1.2.3", }, }, }, }, Relationships: []*spdx.Relationship{ { RefA: common.DocElementID{ElementRefID: "DOCUMENT"}, RefB: common.DocElementID{ElementRefID: "Package-example-lib"}, Relationship: spdx.RelationshipDescribes, }, }, } // Save the document fileOut, err := os.Create("manual-sbom.spdx") if err != nil { fmt.Printf("Error creating file: %v\n", err) return } defer fileOut.Close() err = tagvalue.Write(doc, fileOut) if err != nil { fmt.Printf("Error writing file: %v\n", err) return } fmt.Println("Successfully created SBOM manually") fmt.Printf("Document: %s\n", doc.DocumentName) fmt.Printf("Package: %s v%s\n", doc.Packages[0].PackageName, doc.Packages[0].PackageVersion) } ``` -------------------------------- ### Build SPDX Document with License Detection Source: https://context7.com/spdx/tools-golang/llms.txt Uses the idsearcher package to automatically detect license identifiers in source files. Allows separate configuration for paths to ignore during building versus paths to ignore during license searching. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/idsearcher" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Configure the ID searcher config := &idsearcher.Config{ // Namespace prefix for the document NamespacePrefix: "https://example.com/spdx/", // Paths to ignore during file scanning (passed to builder) BuilderPathsIgnored: []string{ "/.git/", "**/node_modules/", "**/__pycache__/", }, // Paths to ignore during license ID searching // (files will still be included, but not searched for IDs) SearcherPathsIgnored: []string{ "/LICENSES/", // Don't scan license text files "/Documentation/license-rules.rst", // Don't scan documentation about licenses }, } // Build document with automatic license detection packageName := "my-oss-project" dirPath := "/path/to/project" doc, err := idsearcher.BuildIDsDocument(packageName, dirPath, config) if err != nil { fmt.Printf("Error building SPDX document: %v\n", err) return } fmt.Printf("Successfully created SPDX document with license IDs for %s\n", packageName) // Display detected licenses pkg := doc.Packages[0] fmt.Printf("Licenses found in package: %v\n", pkg.PackageLicenseInfoFromFiles) // Show per-file license info for _, f := range pkg.Files { if f.LicenseConcluded != "NOASSERTION" { fmt.Printf(" %s: %s\n", f.FileName, f.LicenseConcluded) } } // Save the document fileOut, err := os.Create("sbom-with-licenses.spdx") if err != nil { fmt.Printf("Error creating output file: %v\n", err) return } defer fileOut.Close() err = tagvalue.Write(doc, fileOut) if err != nil { fmt.Printf("Error writing SPDX file: %v\n", err) return } fmt.Println("Successfully saved SBOM with detected licenses") } ``` -------------------------------- ### Search and fill SPDX IDs Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Builds an SPDX document for a directory, searches for SPDX short-form IDs, and populates license fields. ```bash go run example_search.go project2 ../../testdata/project2/folder test.spdx ``` -------------------------------- ### Load SPDX YAML file Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Loads an SPDX YAML file and logs attributes to the console. ```bash go run exampleYAMLLoader.go ../sample-docs/yaml/SPDXYAMLExample-2.2.spdx.yaml ``` -------------------------------- ### Generate License Count Report in Go Source: https://context7.com/spdx/tools-golang/llms.txt Uses reporter.Generate to output a tabulated distribution of concluded licenses for described packages in an SPDX document. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/reporter" "github.com/spdx/tools-golang/spdxlib" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Load SPDX document file, err := os.Open("project.spdx") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() doc, err := tagvalue.Read(file) if err != nil { fmt.Printf("Error parsing SPDX file: %v\n", err) return } // Get the described packages pkgIDs, err := spdxlib.GetDescribedPackageIDs(doc) if err != nil { fmt.Printf("Error getting described packages: %v\n", err) return } // Generate report for each described package for _, pkg := range doc.Packages { // Check if this package is described by the document isDescribed := false for _, id := range pkgIDs { if pkg.PackageSPDXIdentifier == id { isDescribed = true break } } if !isDescribed { continue } // Check if files were analyzed if !pkg.FilesAnalyzed { fmt.Printf("Package %s: Files not analyzed\n", pkg.PackageName) continue } // Generate and print the license report fmt.Printf("\n=== License Report for %s ===\n", pkg.PackageName) err = reporter.Generate(pkg, os.Stdout) if err != nil { fmt.Printf("Error generating report: %v\n", err) } } } ``` -------------------------------- ### Add SPDX License Identifier for Go Files Source: https://github.com/spdx/tools-golang/blob/main/CONTRIBUTING.md New Go code files must include a short-form SPDX ID at the top, specifying the project's dual license: Apache-2.0 OR GPL-2.0-or-later. ```go // SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ``` -------------------------------- ### Load SPDX RDF file Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Loads an SPDX RDF file and prints the internal struct representation. ```bash go run exampleRDFLoader.go ../sample-docs/rdf/SPDXRdfExample-v2.2.spdx.rdf ``` -------------------------------- ### Generate SPDX license report Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Loads an SPDX file and prints a report of concluded license counts. ```bash go run example_report.go ../sample-docs/tv/hello.spdx ``` -------------------------------- ### Load SPDX tag-value file Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Loads an SPDX tag-value file from disk into memory and prints its contents. ```bash go run example_load.go ../sample-docs/tv/hello.spdx ``` -------------------------------- ### Load SPDX JSON file Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Loads an SPDX JSON file and logs attributes to the console. ```bash go run example_json_loader.go ../sample-docs/json/SPDXJSONExample-v2.2.spdx.json ``` -------------------------------- ### Add SPDX License Identifier for Documentation Files Source: https://github.com/spdx/tools-golang/blob/main/CONTRIBUTING.md New documentation files require a short-form SPDX ID at the top, indicating the documentation license as CC-BY-4.0. ```text SPDX-License-Identifier: CC-BY-4.0 ``` -------------------------------- ### Serialize SPDX to YAML in Go Source: https://context7.com/spdx/tools-golang/llms.txt Uses yaml.Write to serialize an SPDX document structure into a YAML file. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/json" "github.com/spdx/tools-golang/yaml" ) func main() { // Load a JSON document fileIn, err := os.Open("input.spdx.json") if err != nil { fmt.Printf("Error opening input file: %v\n", err) return } defer fileIn.Close() doc, err := json.Read(fileIn) if err != nil { fmt.Printf("Error parsing input file: %v\n", err) return } // Create output YAML file fileOut, err := os.Create("output.spdx.yaml") if err != nil { fmt.Printf("Error creating output file: %v\n", err) return } defer fileOut.Close() // Write as YAML err = yaml.Write(doc, fileOut) if err != nil { fmt.Printf("Error writing YAML file: %v\n", err) return } fmt.Println("Successfully converted to YAML format") } ``` -------------------------------- ### Convert SPDX Document Versions Source: https://context7.com/spdx/tools-golang/llms.txt Converts an SPDX 2.2 document to version 2.3 using the convert package. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/convert" "github.com/spdx/tools-golang/json" "github.com/spdx/tools-golang/spdx/v2/v2_2" "github.com/spdx/tools-golang/spdx/v2/v2_3" ) func main() { // Load an SPDX 2.2 document file, err := os.Open("document-v2.2.spdx.json") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() // Read into a v2_2 document specifically var doc22 v2_2.Document err = json.ReadInto(file, &doc22) if err != nil { fmt.Printf("Error parsing SPDX file: %v\n", err) return } fmt.Printf("Loaded SPDX %s document\n", doc22.SPDXVersion) // Convert to v2_3 var doc23 v2_3.Document err = convert.Document(&doc22, &doc23) if err != nil { fmt.Printf("Error converting document: %v\n", err) return } fmt.Printf("Converted to SPDX %s\n", doc23.SPDXVersion) // Save the converted document fileOut, err := os.Create("document-v2.3.spdx.json") if err != nil { fmt.Printf("Error creating output file: %v\n", err) return } defer fileOut.Close() err = json.Write(&doc23, fileOut, json.Indent(" ")) if err != nil { fmt.Printf("Error writing file: %v\n", err) return } fmt.Println("Successfully converted and saved document") } ``` -------------------------------- ### Load and save SPDX tag-value file Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Loads an SPDX tag-value file and saves it to a new location. ```bash go run example_load_save.go ../sample-docs/tv/hello.spdx test.spdx ``` -------------------------------- ### Compare Licenses Between SPDX Packages in Go Source: https://context7.com/spdx/tools-golang/llms.txt Uses licensediff to identify license changes, additions, or removals between two versions of an SPDX package. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/licensediff" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Load first SPDX document (e.g., version 1.0) file1, err := os.Open("project-v1.spdx") if err != nil { fmt.Printf("Error opening first file: %v\n", err) return } defer file1.Close() doc1, err := tagvalue.Read(file1) if err != nil { fmt.Printf("Error parsing first file: %v\n", err) return } // Load second SPDX document (e.g., version 2.0) file2, err := os.Open("project-v2.spdx") if err != nil { fmt.Printf("Error opening second file: %v\n", err) return } defer file2.Close() doc2, err := tagvalue.Read(file2) if err != nil { fmt.Printf("Error parsing second file: %v\n", err) return } // Compare packages (assuming single package in each document) pkg1 := doc1.Packages[0] pkg2 := doc2.Packages[0] // Create license pairs from both packages pairs, err := licensediff.MakePairs(pkg1, pkg2) if err != nil { fmt.Printf("Error creating license pairs: %v\n", err) return } // Generate structured diff results results, err := licensediff.MakeResults(pairs) if err != nil { fmt.Printf("Error generating results: %v\n", err) return } // Report findings fmt.Printf("=== License Diff Report ===\n") fmt.Printf("Files only in v1: %d\n", len(results.InFirstOnly)) fmt.Printf("Files only in v2: %d\n", len(results.InSecondOnly)) fmt.Printf("Files with changed licenses: %d\n", len(results.InBothChanged)) fmt.Printf("Files with same licenses: %d\n", len(results.InBothSame)) // Show files with changed licenses if len(results.InBothChanged) > 0 { fmt.Printf("\n--- License Changes ---\n") for filename, pair := range results.InBothChanged { fmt.Printf("%s:\n v1: %s\n v2: %s\n", filename, pair.First, pair.Second) } } // Show new files in v2 if len(results.InSecondOnly) > 0 { fmt.Printf("\n--- New Files in v2 ---\n") for filename, license := range results.InSecondOnly { fmt.Printf("%s: %s\n", filename, license) } } // Show removed files if len(results.InFirstOnly) > 0 { fmt.Printf("\n--- Removed Files (in v1 only) ---\n") for filename, license := range results.InFirstOnly { fmt.Printf("%s: %s\n", filename, license) } } } ``` -------------------------------- ### Parse SPDX RDF/XML in Go Source: https://context7.com/spdx/tools-golang/llms.txt Uses rdf.Read to parse SPDX RDF/XML files, supporting versions 2.2 and 2.3. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/rdf" ) func main() { // Open the SPDX RDF file file, err := os.Open("example.spdx.rdf") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() // Parse the SPDX RDF document doc, err := rdf.Read(file) if err != nil { fmt.Printf("Error parsing SPDX RDF file: %v\n", err) return } // Display document properties fmt.Printf("Document Name: %s\n", doc.DocumentName) fmt.Printf("SPDX Version: %s\n", doc.SPDXVersion) fmt.Printf("Document Namespace: %s\n", doc.DocumentNamespace) // List all relationships for _, rel := range doc.Relationships { fmt.Printf("Relationship: %s %s %s\n", rel.RefA.ElementRefID, rel.Relationship, rel.RefB.ElementRefID) } } ``` -------------------------------- ### Parse SPDX YAML in Go Source: https://context7.com/spdx/tools-golang/llms.txt Uses yaml.Read to parse an SPDX YAML file and access document metadata and package information. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/yaml" ) func main() { // Open the SPDX YAML file file, err := os.Open("example.spdx.yaml") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() // Parse the SPDX YAML document doc, err := yaml.Read(file) if err != nil { fmt.Printf("Error parsing SPDX YAML file: %v\n", err) return } // Display document info fmt.Printf("Document Name: %s\n", doc.DocumentName) fmt.Printf("SPDX Version: %s\n", doc.SPDXVersion) fmt.Printf("Data License: %s\n", doc.DataLicense) // List packages and their external references for _, pkg := range doc.Packages { fmt.Printf("Package: %s\n", pkg.PackageName) for _, extRef := range pkg.PackageExternalReferences { fmt.Printf(" External Ref: %s (%s): %s\n", extRef.RefType, extRef.Category, extRef.Locator) } } } ``` -------------------------------- ### Write SPDX Tag-Value File Source: https://context7.com/spdx/tools-golang/llms.txt Serializes an SPDX Document to tag-value format and writes it to an io.Writer. Supports documents in versions 2.1, 2.2, and 2.3. Requires loading an existing document, modifying it, creating an output file, and then writing. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/tagvalue" ) func main() { // First, load an existing document fileIn, err := os.Open("input.spdx") if err != nil { fmt.Printf("Error opening input file: %v\n", err) return } defer fileIn.Close() doc, err := tagvalue.Read(fileIn) if err != nil { fmt.Printf("Error parsing input file: %v\n", err) return } // Modify the document as needed doc.DocumentComment = "Modified by tools-golang" // Create output file fileOut, err := os.Create("output.spdx") if err != nil { fmt.Printf("Error creating output file: %v\n", err) return } defer fileOut.Close() // Write the document in tag-value format err = tagvalue.Write(doc, fileOut) if err != nil { fmt.Printf("Error writing SPDX file: %v\n", err) return } fmt.Println("Successfully saved SPDX document") } ``` -------------------------------- ### Diff SPDX license files Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Generates a diff of concluded licenses between two SPDX documents with matching IDs. ```bash go run example_licensediff.go ../sample-docs/tv/hello.spdx ../sample-docs/tv/hello-modified.spdx ``` -------------------------------- ### Validate SPDX Document Structure Source: https://context7.com/spdx/tools-golang/llms.txt Uses spdxlib.ValidateDocument to verify document integrity and checks for described packages. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/spdxlib" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Load SPDX document file, err := os.Open("document.spdx") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() doc, err := tagvalue.Read(file) if err != nil { fmt.Printf("Error parsing SPDX file: %v\n", err) return } // Validate the document err = spdxlib.ValidateDocument(doc) if err != nil { fmt.Printf("Document validation failed: %v\n", err) return } fmt.Println("Document is valid!") // Additional validation - check for described packages pkgIDs, err := spdxlib.GetDescribedPackageIDs(doc) if err != nil { fmt.Printf("Warning: Could not determine described packages: %v\n", err) } else { fmt.Printf("Document describes %d package(s)\n", len(pkgIDs)) for _, id := range pkgIDs { fmt.Printf(" - %s\n", id) } } } ``` -------------------------------- ### Serialize SPDX to JSON in Go Source: https://context7.com/spdx/tools-golang/llms.txt Uses json.Write to convert an SPDX document to JSON with optional indentation and HTML escaping settings. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/json" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Load a tag-value document fileIn, err := os.Open("input.spdx") if err != nil { fmt.Printf("Error opening input file: %v\n", err) return } defer fileIn.Close() doc, err := tagvalue.Read(fileIn) if err != nil { fmt.Printf("Error parsing input file: %v\n", err) return } // Create output JSON file fileOut, err := os.Create("output.spdx.json") if err != nil { fmt.Printf("Error creating output file: %v\n", err) return } defer fileOut.Close() // Write with formatting options opts := []json.WriteOption{ json.Indent(" "), // Pretty-print with 2-space indent json.EscapeHTML(false), // Don't escape HTML characters } err = json.Write(doc, fileOut, opts...) if err != nil { fmt.Printf("Error writing JSON file: %v\n", err) return } fmt.Println("Successfully converted to JSON format") } ``` -------------------------------- ### Read SPDX Tag-Value File Source: https://context7.com/spdx/tools-golang/llms.txt Parses an SPDX tag-value formatted file from an io.Reader. Automatically detects the SPDX version. Requires opening and deferring the close of the input file. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/tagvalue" ) func main() { // Open the SPDX tag-value file file, err := os.Open("example.spdx") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() // Parse the SPDX document doc, err := tagvalue.Read(file) if err != nil { fmt.Printf("Error parsing SPDX file: %v\n", err) return } // Access document properties fmt.Printf("Document Name: %s\n", doc.DocumentName) fmt.Printf("SPDX Version: %s\n", doc.SPDXVersion) fmt.Printf("Document Namespace: %s\n", doc.DocumentNamespace) fmt.Printf("Data License: %s\n", doc.DataLicense) // Iterate through packages for _, pkg := range doc.Packages { fmt.Printf("Package: %s (ID: %s)\n", pkg.PackageName, pkg.PackageSPDXIdentifier) fmt.Printf(" Version: %s\n", pkg.PackageVersion) fmt.Printf(" License Concluded: %s\n", pkg.PackageLicenseConcluded) // Iterate through files in package for _, f := range pkg.Files { fmt.Printf(" File: %s - License: %s\n", f.FileName, f.LicenseConcluded) } } } ``` -------------------------------- ### json.Read() Source: https://context7.com/spdx/tools-golang/llms.txt Parses an SPDX JSON formatted file into an SPDX Document structure. ```APIDOC ## json.Read() ### Description Pares an SPDX JSON formatted file and returns a fully-parsed SPDX Document. Automatically detects and handles SPDX versions 2.1, 2.2, and 2.3. ### Parameters #### Request Body - **reader** (io.Reader) - Required - The input stream containing the SPDX JSON data. ### Response #### Success Response (200) - **doc** (spdx.Document) - The parsed SPDX document structure. ``` -------------------------------- ### Read SPDX JSON File Source: https://context7.com/spdx/tools-golang/llms.txt Parses an SPDX JSON formatted file from an io.Reader. Automatically detects and handles SPDX versions 2.1, 2.2, and 2.3. Requires opening and deferring the close of the input file. ```go package main import ( "fmt" "os" "github.com/spdx/tools-golang/json" ) func main() { // Open the SPDX JSON file file, err := os.Open("example.spdx.json") if err != nil { fmt.Printf("Error opening file: %v\n", err) return } defer file.Close() // Parse the SPDX JSON document doc, err := json.Read(file) if err != nil { fmt.Printf("Error parsing SPDX JSON file: %v\n", err) return } // Access document properties fmt.Printf("Document Name: %s\n", doc.DocumentName) fmt.Printf("SPDX Version: %s\n", doc.SPDXVersion) fmt.Printf("Document Namespace: %s\n", doc.DocumentNamespace) // Access creation info if doc.CreationInfo != nil { fmt.Printf("Created: %s\n", doc.CreationInfo.Created) for _, creator := range doc.CreationInfo.Creators { fmt.Printf("Creator: %s\n", creator.Creator) } } // List all packages with their licenses for _, pkg := range doc.Packages { fmt.Printf("Package: %s\n", pkg.PackageName) fmt.Printf(" Download Location: %s\n", pkg.PackageDownloadLocation) fmt.Printf(" License Declared: %s\n", pkg.PackageLicenseDeclared) } } ``` -------------------------------- ### Convert SPDX tag-value to YAML Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Converts an SPDX tag-value file to YAML format. ```bash go run exampletvtoyaml.go ../sample-docs/tv/hello.spdx example.yaml ``` -------------------------------- ### tagvalue.Write() Source: https://context7.com/spdx/tools-golang/llms.txt Serializes an SPDX Document structure into tag-value format and writes it to an io.Writer. ```APIDOC ## tagvalue.Write() ### Description Serializes an SPDX Document to tag-value format and writes it to an io.Writer. Supports versions 2.1, 2.2, and 2.3. ### Parameters #### Request Body - **doc** (spdx.Document) - Required - The SPDX document structure to serialize. - **writer** (io.Writer) - Required - The output stream to write the tag-value data to. ``` -------------------------------- ### Convert SPDX YAML to tag-value Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Converts an SPDX YAML file to tag-value format. ```bash go run exampleyamltotv.go ../sample-docs/yaml/SPDXYAMLExample-2.2.spdx.yaml test.spdx ``` -------------------------------- ### Ignore Specific License Identifier Lines Source: https://github.com/spdx/tools-golang/blob/main/testdata/project4/has-id-to-ignore.txt This code demonstrates a conditional check to ignore lines that contain a specific SPDX license identifier, preventing them from being treated as short-form IDs for a file. Ensure the 'file' object has a 'contains' method. ```Go if file.contains("SPDX-License-Identifier: GPL-2.0") { // do something... } ``` -------------------------------- ### Convert SPDX JSON to tag-value Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Converts an SPDX JSON file to tag-value format. ```bash go run examplejsontotv.go ../sample-docs/json/SPDXJSONExample-v2.2.spdx.json example.spdx ``` -------------------------------- ### tagvalue.Read() Source: https://context7.com/spdx/tools-golang/llms.txt Parses an SPDX tag-value formatted file from an io.Reader into an SPDX Document structure. ```APIDOC ## tagvalue.Read() ### Description Parses an SPDX tag-value formatted file from an io.Reader and returns a fully-parsed SPDX Document structure. It automatically detects the SPDX version from the file content. ### Parameters #### Request Body - **reader** (io.Reader) - Required - The input stream containing the SPDX tag-value data. ### Response #### Success Response (200) - **doc** (spdx.Document) - The parsed SPDX document structure. ``` -------------------------------- ### Convert SPDX tag-value to JSON Source: https://github.com/spdx/tools-golang/blob/main/examples/README.md Converts an SPDX tag-value file to JSON format. ```bash go run exampletvtojson.go ../sample-docs/tv/hello.spdx example.json ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.