THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Difference between revisions of "General Meeting/Minutes/2021-05-06"
From SPDX Wiki
< General Meeting | Minutes
(Created page with "* Attendance: 18 * Lead by Phil Odence * Minutes of Apri meeting Approved * Plan was to switch to Zoom * Considering using Jitsu == SPDX License Name Space at Amazon - Mark...") |
(→Tech Team Report - Kate/Gary/Others) |
||
Line 17: | Line 17: | ||
** Specification conversations continuing to move forward | ** Specification conversations continuing to move forward | ||
** Rough template for categories of topics (what were previously being called “profiles”) | ** Rough template for categories of topics (what were previously being called “profiles”) | ||
− | ** Core Model - | + | ** Core Model - William |
*** No Update | *** No Update | ||
− | ** Licensing | + | ** Licensing - Steve |
*** filed PR with initial draft for discussion of template format, etc.; will update to newer template; previously discussed much of its substance last year | *** filed PR with initial draft for discussion of template format, etc.; will update to newer template; previously discussed much of its substance last year | ||
** Integrity – Kay | ** Integrity – Kay |
Latest revision as of 18:15, 7 May 2021
- Attendance: 18
- Lead by Phil Odence
- Minutes of Apri meeting Approved
- Plan was to switch to Zoom
- Considering using Jitsu
Contents
SPDX License Name Space at Amazon - Mark
- https://docs.google.com/presentation/d/1uCAJW79hzqLAPhXfAn4maCRk9TZUhLJDAPEOBlgUFTw/edit?usp=sharing
Tech Team Report - Kate/Gary/Others
- Spec – Kate
- Specification conversations continuing to move forward
- Rough template for categories of topics (what were previously being called “profiles”)
- Core Model - William
- No Update
- Licensing - Steve
- filed PR with initial draft for discussion of template format, etc.; will update to newer template; previously discussed much of its substance last year
- Integrity – Kay
- working with in-toto community, framework for end-to-end supply chain security; collaborating with them to see if the specs can be aligned
- Defects / Security – Thomas not here today
- pushed first draft of fields for (1) vulnerabilities, and (2) defects => impact on packages, false positives, etc.
- Meetings next week to look at other security specs, their use cases, whether they can / how they should be incorporated
- Linking – Nisha not here today
- Kate discussing with Nisha / Rose
- Usage – Yoshiyuki Ito
- No update
- Pedigree / Build / Creation – Kate
- No Update
- GSoC- Alexios
- Got 5 slots; can run up to 5 projects
- Likely to accept 5 proposals:
- 2 for improving Golang tooling libraries (one RDF writing, one JSON reading/writing)
- 1 for transitioning / updating online SPDX tools
- 1 for spec processing tools
- 1 for improved license matcher, taking matching guidelines into account (unplanned submission)
Legal Team Report - Jilayne/Paul/Steve
- Working for 3.13, planning to push out over the weekend
- Have been trying to clean up old issues
- Some updates on documentation in the repo
- New participants recently – some discussions on recent calls have included reviewing past history; may want to put together more historical documentation of past context, etc.
- Some interest from Debian – interest in getting a Debian-free tickbox into the license list
- License submissions – starting to take a harder line on participation from people submitting license requests without sticking with them. For this release, started asking people to create the PR’s themselves – a few of the submitters at least responded and indicated they would do so
- Still relying on the calls too much; having people commenting in issues out-of-band would be very helpful
Outreach Team Report - Kate
- Continuing to see interest in SPDX across different communities
- Zephyr – auto-generation
- Possible interest in re-starting Outreach team meetings – Sebastian interest, Aveek also
- Kate will reach out to Jack and either ask him to restart or else Kate will restart
Other Topics
- Sebastian – interest in Arch Linux in using SPDX
- Some work being done on the Arch packaging system, interest in using SPDX licenses
- Jitsi
- Jilayne - Jitsi – this has gone well, plan to update to this for future General calls
- Legal and Tech teams can update if/when they choose
- Europe, UK, etc. seems to be working
- Bob – recommend putting passwords on it
- Steve – discuss whether to put one on. Possible but appears to prevent dial-ins afterwards.
- Steve will look into options
Attendees
- Phil Odence, Black Duck/Synopsys
- Mark Atwood, Amazon
- Matthew Crawford, ARM
- Bob Martin, Mitre
- Philippe Emmanuel Douziech, CAST
- Jilayne Lovejoy, Red Hat
- Maximilian Huber, TNG
- Alexios Zavras, Intel
- Kay Williams, Microsoft
- David Edelsohn, IBM
- Thomas Steenbergen, HERE
- Jeff Schutt, Cisco
- Kate Stewart, Linux Foundation
- Michael Herzog- nexB
- Sebastian Crane
- Steve Winslow, LF
- Marc Etienne Vargenau, Nokia
- Jonas Smedegaard, self