From SPDX Wiki
- Gary O’Neall
- Bill Schineller
- Kirsten Newcomer
- Kate Stewart
- Rana Rahal
- Ed Warnicke
- Peter Williams
- Updates, review next steps on the embedded proposal
- Discussion on additional license metadata for custom licenses – bug #975 submitted to capture the request
- Tools update – Source code pushed to Linux foundation git repo and github. Rana contributed a tag to rdf tool. A first pass is complete on the HTML viewer. The HTML viewer will produce a single HTML file. Currently there is no formatting on the HTML file. Binaries for the tools will be built and published once unit testing is complete.
- Website update – Discussion on use of github as a backup to Linux foundation git repo, but the Linux foundation will be primary repo
Review of last week’s minutes
- Discussion on backwards compatibility requirements. Need to have a definitive statement for the mandatory fields. Have a way to convert forward and an understanding of what would be lost translating back. Need to be a way to represent one model that incorporates both 1.0 and 2.0 spdx. Propose a general approach of creating a new model that is not constrained by compatibility then, once the proposal is understood; make the specific tradeoffs to compatibility.
- Suggestion to that we have specific examples to work against for working on the hierarchical proposals. Suggestion for examples on embedded packages (zlib and coreutils), need an example for supply change and possible one that mixes both supply chain and embedded. FFMPEG and JBoss were suggested. Three examples, zlib, coreutils, FFMPEG. Rsyslog as an example of a simple supply chain example. It is showing up in various embedded products. Commons Logging as another example – simple embedded case. Consider a Maven based scenario. Apache CFX as another example.
- Suggestion to replace the term ACL (“includes/excludes”)