THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Difference between revisions of "Technical Team/Minutes/2011-08-02"
From SPDX Wiki
< Technical Team | Minutes
(Convert to MediaWiki syntax) |
|||
| Line 1: | Line 1: | ||
| − | + | == Attendees == | |
| + | |||
| + | * Kirsten Newcomer | ||
| + | * Nicholas Loke | ||
| + | * Peter Williams | ||
| + | * Kate Stewart | ||
| + | * Steve Cropper | ||
| + | * Jack Manbeck | ||
| + | * Marshall Clow | ||
| + | |||
| + | == Agenda == | ||
| + | |||
| + | * Discussion of Supplier related fields | ||
| + | * Review of recent updates to the Spec | ||
| + | * Open Action Items (see list at end of minutes) | ||
| + | |||
| + | == Supplier fields discussion == | ||
| + | |||
| + | * Kate has updated the working version of the spec with the two fields discussed last week | ||
| + | ** Package Supplier | ||
| + | ** Package Originator | ||
| + | * Today's discussion started with some email threads on intended use of | ||
| + | * We seem to have a common understanding of what info should be used to fill in the Package Supplier field | ||
| + | * We're still working toward a common understanding for the Package Originator field | ||
| + | ** We discussed a few possibilities. For example, is the data in the Package Originator field | ||
| + | *** the copyright holder? | ||
| + | *** the place where the Supplier got the code? | ||
| + | ** We discussed the desire to capture the chain of custody in the SPDX document; Kate noted that was part of the original intent of the Reviewer field | ||
| + | ** We noted that there is an overlap between the goal of capturing chain of custody and the need for hierarchy in the SPDX document; hierarchy will be discussed post 1.0 | ||
| + | * Concluded: we need to make an extra effort to document the thinking behind these fields and provide usage guidelines | ||
| + | |||
| + | == Additional updates to Spec == | ||
| + | |||
| + | * Kate walked the team through some additional updates that have been made to the spec as well as some planned changes based on feedback | ||
| + | * Key changes include: | ||
| + | ** Clean up of RDF section (typos, spelling) | ||
| + | ** Proposed changes to certain field names for tag/value | ||
| + | ** Section 1.7: Conformance statement will point to trademark statement that is being worked by legal team and will be posted to web. This is not yet finalized. | ||
| + | ** Section 2.2: SPDX data will still be delivered under PDDL-1.0. Confidentiality field has been dropped. | ||
| + | *** Acknowledged that this could be an issue for using SPDX with commercial/proprietary code and plan to discuss commercial code use case post-1.0 GA | ||
| + | ** Recommend that info be added on where to provide feedback | ||
| + | |||
| + | == Open Action Items == | ||
| + | |||
| + | * Everyone: Bug list review | ||
| + | ** review for any open P1s assigned to you | ||
| + | ** review closed bugs to be sure we're in agreement | ||
| + | * Start developing Guidelines for Implementation/Use and/or Best Practices | ||
| + | ** Everyone: Review current FAQ as starting point. You can find it here: http://spdx.org/spec/guidelines | ||
| + | ** If you've volunteered to update/add to a certain section, please add your name here. :-) | ||
| + | * Kirsten: Provide website location for 2 items so can be referenced in Spec | ||
| + | ** Process for requesting licenses be added to SPDX license list. | ||
| + | ** SPDX trademark terms. | ||
| + | *** I've added placehoder text for a links here: http://spdx.org/spec | ||
| + | *** I don't have the privs to create a new child page and will send a note to Martin | ||
| + | * Everyone: Please review the spec with the goal of approving final version next week if possible | ||
| + | |||
| + | Corrections, additions welcome. | ||
| + | |||
| + | [[Category:Technical|Minutes]] | ||
| + | [[Category:Minutes]] | ||
Latest revision as of 13:16, 6 March 2013
Contents
Attendees
- Kirsten Newcomer
- Nicholas Loke
- Peter Williams
- Kate Stewart
- Steve Cropper
- Jack Manbeck
- Marshall Clow
Agenda
- Discussion of Supplier related fields
- Review of recent updates to the Spec
- Open Action Items (see list at end of minutes)
Supplier fields discussion
- Kate has updated the working version of the spec with the two fields discussed last week
- Package Supplier
- Package Originator
- Today's discussion started with some email threads on intended use of
- We seem to have a common understanding of what info should be used to fill in the Package Supplier field
- We're still working toward a common understanding for the Package Originator field
- We discussed a few possibilities. For example, is the data in the Package Originator field
- the copyright holder?
- the place where the Supplier got the code?
- We discussed the desire to capture the chain of custody in the SPDX document; Kate noted that was part of the original intent of the Reviewer field
- We noted that there is an overlap between the goal of capturing chain of custody and the need for hierarchy in the SPDX document; hierarchy will be discussed post 1.0
- We discussed a few possibilities. For example, is the data in the Package Originator field
- Concluded: we need to make an extra effort to document the thinking behind these fields and provide usage guidelines
Additional updates to Spec
- Kate walked the team through some additional updates that have been made to the spec as well as some planned changes based on feedback
- Key changes include:
- Clean up of RDF section (typos, spelling)
- Proposed changes to certain field names for tag/value
- Section 1.7: Conformance statement will point to trademark statement that is being worked by legal team and will be posted to web. This is not yet finalized.
- Section 2.2: SPDX data will still be delivered under PDDL-1.0. Confidentiality field has been dropped.
- Acknowledged that this could be an issue for using SPDX with commercial/proprietary code and plan to discuss commercial code use case post-1.0 GA
- Recommend that info be added on where to provide feedback
Open Action Items
- Everyone: Bug list review
- review for any open P1s assigned to you
- review closed bugs to be sure we're in agreement
- Start developing Guidelines for Implementation/Use and/or Best Practices
- Everyone: Review current FAQ as starting point. You can find it here: http://spdx.org/spec/guidelines
- If you've volunteered to update/add to a certain section, please add your name here. :-)
- Kirsten: Provide website location for 2 items so can be referenced in Spec
- Process for requesting licenses be added to SPDX license list.
- SPDX trademark terms.
- I've added placehoder text for a links here: http://spdx.org/spec
- I don't have the privs to create a new child page and will send a note to Martin
- Everyone: Please review the spec with the goal of approving final version next week if possible
Corrections, additions welcome.
