THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

General Meeting/Minutes/2018-08-02

From SPDX Wiki
< General Meeting‎ | Minutes
Revision as of 15:43, 2 August 2018 by Podence (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
  • Attendance: 12
  • Lead by Phil Odence
  • Minutes of July meeting approved

Guest Presentation, - Supporting Continuous Integration, Ndip Tanyi

  • Idea- Automatically generating SPDX docs as part of CI process
  • Scope
    • Focused on Travis CI, NPM and Python
  • Demo
    • Add an install and SPDX build script to build script
    • And some statements to push the SPDX docs to the repo
  • Future extensions
    • Pushing to GItHub as a commit
    • Other CI systems
  • Has been designed generically enough to be extensible to other languages and environments


Tech Team Report - Kate/Gary

  • Tooling
    • Mostly GSoC work
    • License XML Editor
  • Spec work
    • Working for consistency in external identifiers
    • Interest coming up from security community
      • SWID
      • NTIA conference that featured SPDX
      • Working in interop and SPDX standardization
      • Looking at spinning up a security subgroup
      • Interest from US House and Senate in a SW BoM and SPDX is on the docket
        • NIST and other organizations are involved in the background


Legal Team Report - Jilayne/Paul

  • 3.2 is out
  • Some clean up of old issues in process
  • Request to that legal folks try out Tushar’s tool
  • Exceptions
    • The term is imperfect as it handles some items that are not “exceptions” per se
      • Patent grants, for example
      • Considering changing the term to be more neutral and inclusive
        • “Modifiers” maybe?
        • Will send an email to a wide audience get people thinking about it and set up a special meeting


Outreach Team Report - Jack

  • Website
    • Making more sense of the License List and Documents section
  • Shane Coughlin, from Open Chain, is getting involved
    • Outreach to companies
    • New time for Outreach calls is 7pm EDT
      • (Shane is in Japan)
  • OSS Summit
    • Backoff on the Tuesday
    • And a session on Consuming SPDX


Attendees

  • Phil Odence, Black Duck/Synopsys
  • Ndip Tanyi, Alberta University
  • Tushar Mittal, GSoC Student
  • Gary O’Neall, SourceAuditor
  • Yash Nisar, GSoC Student
  • Jack Manbeck, TI
  • Steve Winslow, LF
  • Jilayne Lovejoy, ARM
  • Paul Madick, Dimension Data
  • Mike Dolan, Linux Foundation
  • Matije Suklje, Liferay
  • Mark Atwood, Amazon