From 5a4c26c271c68bc72e8524848acb34aebd1b2a42 Mon Sep 17 00:00:00 2001 From: Karsten Klein Date: Wed, 10 Apr 2024 19:04:05 +0200 Subject: [PATCH] Adapting structure of annex; adding BSI TR-03183 --- docs/annexes/using-SPDX-to-comply-with-industry-guidance.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/annexes/using-SPDX-to-comply-with-industry-guidance.md b/docs/annexes/using-SPDX-to-comply-with-industry-guidance.md index af059985db..51661a0158 100644 --- a/docs/annexes/using-SPDX-to-comply-with-industry-guidance.md +++ b/docs/annexes/using-SPDX-to-comply-with-industry-guidance.md @@ -38,7 +38,7 @@ becoming effective in 2027. The guideline can be regarded as German equivalent of the US Executive Order 14028. Nevertheless, BSI is exploring various options and recommendations to further detail the content of SBOMs. -Important elements of the guideline with regards to SPDX: +Important elements of the guideline in the context of SPDX: * The guideline references SPDX as one of the exchange formats for SBOMs. * It defines levels of details as well as mandatory and optional data fields. * The guideline scopes the content (dependency relationships) of an SBOM (top-level, n-level, transitive, delivery item, complete).