THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Technical Team/Minutes/2011-08-02
<p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Minutes 7/28/2011
Attendees:
- Kirsten Newcomer
- Nicholas Loke
- Peter Williams
- Kate Stewart
- Steve Cropper
- Jack Manbeck
- Marshall Clow
Agenda:
- Discussion of Supplier related fields
- Review of recent updates to the Spec
- Open Action Items (see list at end of minutes)
Supplier fields discussion
- Kate has updated the working version of the spec with the two fields discussed last week
- Package Supplier
- Package Originator
- Today's discussion started with some email threads on intended use of
- We seem to have a common understanding of what info should be used to fill in the Package Supplier field
- We're still working toward a common understanding for the Package Originator field
- We discussed a few possibilities. For example, is the data in the Package Originator field
- the copyright holder?
- the place where the Supplier got the code?
- We discussed the desire to capture the chain of custody in the SPDX document; Kate noted that was part of the original intent of the Reviewer field
- We noted that there is an overlap between the goal of capturing chain of custody and the need for hierarchy in the SPDX document; hierarchy will be discussed post 1.0
- We discussed a few possibilities. For example, is the data in the Package Originator field
- Concluded: we need to make an extra effort to document the thinking behind these fields and provide usage guidelines
Additional updates to Spec
</p>- Kate walked the team through some additional updates that have been made to the spec as well as some planned changes based on feedback
- Key changes include:
- Clean up of RDF section (typos, spelling)
- Proposed changes to certain field names for tag/value
- Section 1.7: Conformance statement will point to trademark statement that is being worked by legal team and will be posted to web. This is not yet finalized.
- Section 2.2: SPDX data will still be delivered under PDDL-1.0. Confidentiality field has been dropped.
- Acknowledged that this could be an issue for using SPDX with commercial/proprietary code and plan to discuss commercial code use case post-1.0 GA
- Recommend that info be added on where to provide feedback
<p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Open Action Items
</p>- Everyone: Bug list review
- review for any open P1s assigned to you
- review closed bugs to be sure we're in agreement
- Start developing Guidelines for Implementation/Use and/or Best Practices
- Everyone: Review current FAQ as starting point. You can find it here:
http://spdx.org/spec/guidelines - If you've volunteered to update/add to a certain section, please add your name here. :-)
- Everyone: Review current FAQ as starting point. You can find it here:
- Kirsten: Provide website location for 2 items so can be referenced in Spec
- Process for requesting licenses be added to SPDX license list.
- SPDX trademark terms.
- I've added placehoder text for a links here: http://spdx.org/spec
- I don't have the privs to create a new child page and will send a note to Martin
- Everyone: Please review the spec with the goal of approving final version next week if possible
<p style="font-family: Arial, Helvetica, sans-serif; margin-top: 5px; margin-right: 0px; margin-bottom: 10px; margin-left: 0px; font-size: 12px; color: #666666; line-height: 18px; font-weight: normal; padding: 0px;">Corrections, additions welcome.
</p>