Initial import of the new SPDX 3.0 spec.

This is based off the work of Alexios Zavras (zvr) <[email protected]>
almost entirely, with only some minor modifications made by me to
add some documentation notes (CHANGELOG.md) and some Python
details.  It has been done to preserve file history as much
as possible.

Signed-off-by: Jeff Licquia <[email protected]>

CHANGELOG.md

@@ -1,6 +1,10 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## 3.0 (TBD)
+
+* Refactored the build process and mkdocs process.
+
 ## 2.2 (2020-05-02)
 
 * Added more relationship types to [Relationships](https://github.com/spdx/spdx-spec/blob/development/v2.2/chapters/7-relationships-between-SPDX-elements.md).

chapters/RDF-object-model-and-identifier-syntax.md → docs/annexes/RDF-object-model-and-identifier-syntax.md

@@ -1,5 +1,7 @@
 # Annex C RDF object model and identifier syntax (Normative)
 
+TODO: update for SPDXv3
+
 ## C.1 Introduction <a name="C.1"></a>
 
 SPDX ® Vocabulary Specification

chapters/SPDX-license-expressions.md → docs/annexes/SPDX-license-expressions.md

@@ -1,5 +1,7 @@
 # Annex D SPDX license expressions (Normative)
 
+TODO: update for SPDXv3
+
 ## D.1 Overview <a name="D.1"></a>
 
 Often a single license can be used to represent the licensing terms of a source code or binary file, but there are situations where a single license identifier is not sufficient. A common example is when software is offered under a choice of one or more licenses (e.g., GPL-2.0-only OR BSD-3-Clause). Another example is when a set of licenses is needed to represent a binary program constructed by compiling and linking two (or more) different source files each governed by different licenses (e.g., LGPL-2.1-only AND BSD-3-Clause).

chapters/diffs-from-previous-editions.md → docs/annexes/diffs-from-previous-editions.md

@@ -1,5 +1,7 @@
 # Annex I Differences from previous editions (Informative)
 
+TODO: re-write for SPDXv3
+
 # I.1 Differences between V2.3 and V2.2.2  <a name="I.1"></a>
 
 V2.3 has added new fields to improve the ability to capture security related information and to improve interoperabiility with other SBOM formats.  

chapters/external-repository-identifiers.md → docs/annexes/external-repository-identifiers.md

@@ -1,5 +1,7 @@
 # Annex F External repository identifiers (Normative)
 
+TODO: re-write for SPDXv3 (if needed)
+
 ## F.1 Introduction <a name="F.1"></a>
 
 This specification allows external resources

chapters/file-tags.md → docs/annexes/file-tags.md

@@ -1,4 +1,6 @@
-# Annex H Specifying SPDX information in source files (Informative)
+# Specifying SPDX information in source files (Informative)
+
+TODO: re-write for SPDXv3
 
 ## H.1 Rationale <a name="H.1"></a>
 

chapters/how-to-use.md → docs/annexes/how-to-use.md

@@ -1,5 +1,7 @@
 # Annex K: How To Use SPDX in Different Scenarios
 
+TODO: re-write for SPDXv3
+
 ## K.1 Including security information in a SPDX document
 
 SPDX 2.x has the concept of an External Reference for a Package to "reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package." 

docs/annexes/using-SPDX-lite.md

@@ -0,0 +1,4 @@
+# Using SPDX Lite (Informative)
+
+TODO: re-write for SPDXv3
+

chapters/using-SPDX-short-identifiers-in-source-files.md → docs/annexes/using-SPDX-short-identifiers-in-source-files.md

@@ -1,5 +1,7 @@
 # Annex E Using SPDX license list short identifiers in source files (Informative)
 
+TODO: update for SPDXv3
+
 ## E.1 Introduction <a name="E.1"></a>
 
 Identifying the license for open source software is critical for both reporting purposes and license compliance. However, determining the license can sometimes be difficult due to a lack of information or ambiguous information. Even when licensing information is present, a lack of consistent notation can make automating the task of license detection very difficult, thus requiring vast amounts of human effort.

chapters/conformance.md → docs/conformance.md

@@ -1,5 +1,7 @@
 # 4 Conformance
 
+TODO: update for SPDXv3
+
 ## 4.1 SPDX Current and Previous Versions <a name="4.1"></a>
 
 This edition has the version number 2.3 as part of its title. This is a follow on from [ISO/IEC 5962:2021

chapters/index.md → docs/index.md

@@ -1,7 +1,11 @@
-# The Software Package Data Exchange® (SPDX®) Specification Version 2.3
+# The Software Package Data Exchange® (SPDX®) Specification Version 3.0-DRAFT
 
-Copyright © 2010-2022 Linux Foundation and its Contributors.
-This work is licensed under the Creative Commons Attribution License 3.0 Unported (CC-BY-3.0) reproduced in its entirety in [Annex J](creative-commons-attribution-license-3.0-unported.md) herein. All other rights are expressly reserved.
+Copyright © 2010-2023 Linux Foundation and its Contributors.
+
+This work is licensed under the
+Creative Commons Attribution License 3.0 Unported (CC-BY-3.0)
+and the Community specification License 1.0,
+both reproduced in their entirety in annexes herein.
 
 With thanks to
 Adam Cohn,