Hi Alexios, I hope you are doing well. Over the past couple of days, I’ve been studying the SPDX v3 core model more closely and experimenting with representing a small SBOM sample using RDFLib. While modeling basic elements like Artifact, Package, and Relationship as triples, I started thinking more concretely about how ingestion and validation might work within the abstraction layer. One question that came up during experimentation is about enforcing structural correctness. Since RDF stores themselves don’t inherently enforce schema-level constraints (e.g., required properties or cardinality), would you recommend incorporating SHACL-based validation during SBOM ingestion? Or would the abstraction layer itself be responsible for ensuring SPDX compliance before persisting triples? I’m also exploring the export direction — reconstructing a valid SPDX document from stored triples as a way to validate whether the graph structure captures enough semantic detail. It seems like round-trip consistency (SBOM then store then SBOM) could serve as a strong correctness benchmark early on. If there are particular components of the triplestore abstraction library or SPDX v3 model that you think would be most impactful to explore first, I’d be happy to focus there and share findings. Looking forward to your thoughts. Best regards, Manav Gupta
---- Λαμβάνετε αυτό το μήνυμα απο την λίστα: Λίστα αλληλογραφίας και συζητήσεων που απευθύνεται σε φοιτητές developers \& mentors έργων του Google Summer of Code - A discussion list for student developers and mentors of Google Summer of Code projects., https://lists.ellak.gr/gsoc-developers/listinfo.html Μπορείτε να απεγγραφείτε από τη λίστα στέλνοντας κενό μήνυμα ηλ. ταχυδρομείου στη διεύθυνση <gsoc-developers+unsubscribe [ at ] ellak [ dot ] gr>.