THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Difference between revisions of "Technical Team/Minutes/2011-08-02"

From SPDX Wiki
Jump to: navigation, search
 
(Convert to MediaWiki syntax)
 
Line 1: Line 1:
<p><p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Minutes 7/28/2011</p><p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Attendees:</p><ul style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; list-style-type: disc; margin-top: 0px; margin-right: 0px; margin-bottom: 10px; margin-left: 20px; font-size: 12px; padding: 0px;"><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Kirsten Newcomer</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Nicholas Loke</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Peter Williams</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Kate Stewart</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Steve Cropper</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Jack Manbeck</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Marshall Clow</li></ul><p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Agenda:</p><ul style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; list-style-type: disc; margin-top: 0px; margin-right: 0px; margin-bottom: 10px; margin-left: 20px; font-size: 12px; padding: 0px;"><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Discussion of Supplier related fields</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Review of recent updates to the Spec</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Open Action Items (see list at end of minutes)</li></ul><p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Supplier fields discussion</p><ul style="list-style-type: disc; margin-top: 0px; margin-right: 0px; margin-bottom: 10px; margin-left: 20px; padding: 0px;"><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Kate has updated the working version of the spec with the two fields discussed last week<ul style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px;"><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Package Supplier</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Package Originator</li></ul></li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Today's discussion started with some email threads on intended use of&nbsp;</li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">We seem to have a common understanding of what info should be used to fill in the Package Supplier field</li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">We're still working toward a common understanding for the Package Originator field<ul><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">We discussed a few possibilities. For example, is the data in the Package Originator field<ul style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px;"><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">the copyright holder?</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">the place where the Supplier got the code?</li></ul></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">We discussed the desire to capture the chain of custody in the SPDX document; Kate noted that was part of the original intent of the Reviewer field</span></span></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">We noted that there is an overlap between the goal of capturing chain of custody and the need for hierarchy in the SPDX document; hierarchy will be discussed post 1.0</span></span></li></ul></li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Concluded: we need to make an extra effort to document the thinking behind these fields and provide usage guidelines</li></ul><p><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Additional updates to Spec</span></span></p></p><ul style="list-style-type: disc; margin-top: 0px; margin-right: 0px; margin-bottom: 10px; margin-left: 20px; padding: 0px;"><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Kate walked the team through some additional updates that have been made to the spec as well as some planned changes based on feedback</span></span></li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;"><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Key changes include:</span></span><br /><ul style="list-style-type: disc; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 20px; padding: 0px;"><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Clean up of RDF section (typos, spelling)</li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Proposed changes to certain field names for tag/value</li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Section 1.7: Conformance statement will point to trademark statement that is being worked by legal team and will be posted to web. This is not yet finalized.</li><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Section 2.2: SPDX data will still be delivered under PDDL-1.0. Confidentiality field has been dropped.<ul style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px;"><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">Acknowledged that this could be an issue for using SPDX with commercial/proprietary code and plan to discuss commercial code use case post-1.0 GA</li></ul></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Recommend that info be added on where to provide feedback</span></span></li></ul></li></ul><p><p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;"><strong>Open Action Items</strong></p></p><ul style="list-style-type: disc; margin-top: 0px; margin-right: 0px; margin-bottom: 10px; margin-left: 20px; padding: 0px;"><li style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px;"><span style="color: #666666; line-height: 18px;">Everyone: Bug list review</span><ul style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px;"><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">review for any open P1s assigned to you</li><li style="margin-top: 0px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px;">review closed bugs to be sure we're in agreement</li></ul></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Start developing Guidelines for Implementation/Use and/or Best Practices&nbsp;</span></span><ul><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Everyone: Review current FAQ as starting point. You can find it here:&nbsp;<br /></span></span><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif; font-size: 12px;">http://spdx.org/spec/guidelines</span></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">If you've volunteered to update/add to a certain section, please add your name here. :-)</span></span></li></ul></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Kirsten: Provide website location for 2 items so can be referenced in Spec</span></span><ul><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Process for requesting licenses be added to SPDX license list.&nbsp;</span></span></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">SPDX trademark terms.</span></span><ul><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">I've added placehoder text for a links here: http://spdx.org/spec&nbsp;</span></span></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">I don't have the privs to create a new child page and will send a note to Martin&nbsp;</span></span></li></ul></li></ul></li><li><span style="color: #4d4d4d; font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 12px;">Everyone: Please review the spec with the goal of approving final version next week if possible</span></span></li></ul><p><p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Corrections, additions welcome.</p></p>
+
== Attendees ==
 +
 
 +
* Kirsten Newcomer
 +
* Nicholas Loke
 +
* Peter Williams
 +
* Kate Stewart
 +
* Steve Cropper
 +
* Jack Manbeck
 +
* Marshall Clow
 +
 
 +
== Agenda ==
 +
 
 +
* Discussion of Supplier related fields
 +
* Review of recent updates to the Spec
 +
* Open Action Items (see list at end of minutes)
 +
 
 +
== Supplier fields discussion ==
 +
 
 +
* Kate has updated the working version of the spec with the two fields discussed last week
 +
** Package Supplier
 +
** Package Originator
 +
* Today's discussion started with some email threads on intended use of
 +
* We seem to have a common understanding of what info should be used to fill in the Package Supplier field
 +
* We're still working toward a common understanding for the Package Originator field
 +
** We discussed a few possibilities. For example, is the data in the Package Originator field
 +
*** the copyright holder?
 +
*** the place where the Supplier got the code?
 +
** We discussed the desire to capture the chain of custody in the SPDX document; Kate noted that was part of the original intent of the Reviewer field
 +
** We noted that there is an overlap between the goal of capturing chain of custody and the need for hierarchy in the SPDX document; hierarchy will be discussed post 1.0
 +
* Concluded: we need to make an extra effort to document the thinking behind these fields and provide usage guidelines
 +
 
 +
== Additional updates to Spec ==
 +
 
 +
* Kate walked the team through some additional updates that have been made to the spec as well as some planned changes based on feedback
 +
* Key changes include:
 +
** Clean up of RDF section (typos, spelling)
 +
** Proposed changes to certain field names for tag/value
 +
** Section 1.7: Conformance statement will point to trademark statement that is being worked by legal team and will be posted to web. This is not yet finalized.
 +
** Section 2.2: SPDX data will still be delivered under PDDL-1.0. Confidentiality field has been dropped.
 +
*** Acknowledged that this could be an issue for using SPDX with commercial/proprietary code and plan to discuss commercial code use case post-1.0 GA
 +
** Recommend that info be added on where to provide feedback
 +
 
 +
== Open Action Items ==
 +
 
 +
* Everyone: Bug list review
 +
** review for any open P1s assigned to you
 +
** review closed bugs to be sure we're in agreement
 +
* Start developing Guidelines for Implementation/Use and/or Best Practices
 +
** Everyone: Review current FAQ as starting point. You can find it here: http://spdx.org/spec/guidelines
 +
** If you've volunteered to update/add to a certain section, please add your name here. :-)
 +
* Kirsten: Provide website location for 2 items so can be referenced in Spec
 +
** Process for requesting licenses be added to SPDX license list.
 +
** SPDX trademark terms.
 +
*** I've added placehoder text for a links here: http://spdx.org/spec
 +
*** I don't have the privs to create a new child page and will send a note to Martin
 +
* Everyone: Please review the spec with the goal of approving final version next week if possible
 +
 
 +
Corrections, additions welcome.
 +
 
 +
[[Category:Technical|Minutes]]
 +
[[Category:Minutes]]

Latest revision as of 13:16, 6 March 2013

Attendees

  • Kirsten Newcomer
  • Nicholas Loke
  • Peter Williams
  • Kate Stewart
  • Steve Cropper
  • Jack Manbeck
  • Marshall Clow

Agenda

  • Discussion of Supplier related fields
  • Review of recent updates to the Spec
  • Open Action Items (see list at end of minutes)

Supplier fields discussion

  • Kate has updated the working version of the spec with the two fields discussed last week
    • Package Supplier
    • Package Originator
  • Today's discussion started with some email threads on intended use of
  • We seem to have a common understanding of what info should be used to fill in the Package Supplier field
  • We're still working toward a common understanding for the Package Originator field
    • We discussed a few possibilities. For example, is the data in the Package Originator field
      • the copyright holder?
      • the place where the Supplier got the code?
    • We discussed the desire to capture the chain of custody in the SPDX document; Kate noted that was part of the original intent of the Reviewer field
    • We noted that there is an overlap between the goal of capturing chain of custody and the need for hierarchy in the SPDX document; hierarchy will be discussed post 1.0
  • Concluded: we need to make an extra effort to document the thinking behind these fields and provide usage guidelines

Additional updates to Spec

  • Kate walked the team through some additional updates that have been made to the spec as well as some planned changes based on feedback
  • Key changes include:
    • Clean up of RDF section (typos, spelling)
    • Proposed changes to certain field names for tag/value
    • Section 1.7: Conformance statement will point to trademark statement that is being worked by legal team and will be posted to web. This is not yet finalized.
    • Section 2.2: SPDX data will still be delivered under PDDL-1.0. Confidentiality field has been dropped.
      • Acknowledged that this could be an issue for using SPDX with commercial/proprietary code and plan to discuss commercial code use case post-1.0 GA
    • Recommend that info be added on where to provide feedback

Open Action Items

  • Everyone: Bug list review
    • review for any open P1s assigned to you
    • review closed bugs to be sure we're in agreement
  • Start developing Guidelines for Implementation/Use and/or Best Practices
    • Everyone: Review current FAQ as starting point. You can find it here: http://spdx.org/spec/guidelines
    • If you've volunteered to update/add to a certain section, please add your name here. :-)
  • Kirsten: Provide website location for 2 items so can be referenced in Spec
    • Process for requesting licenses be added to SPDX license list.
    • SPDX trademark terms.
      • I've added placehoder text for a links here: http://spdx.org/spec
      • I don't have the privs to create a new child page and will send a note to Martin
  • Everyone: Please review the spec with the goal of approving final version next week if possible

Corrections, additions welcome.