THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
General Meeting/Minutes/2018-08-02
From SPDX Wiki
- Attendance: 12
- Lead by Phil Odence
- Minutes of July meeting approved
Contents
Guest Presentation, - Supporting Continuous Integration, Ndip Tanyi
- Idea- Automatically generating SPDX docs as part of CI process
- Scope
- Focused on Travis CI, NPM and Python
- Demo
- Add an install and SPDX build script to build script
- And some statements to push the SPDX docs to the repo
- Future extensions
- Pushing to GItHub as a commit
- Other CI systems
- Has been designed generically enough to be extensible to other languages and environments
Tech Team Report - Kate/Gary
- Tooling
- Mostly GSoC work
- License XML Editor
- Gary posting new version today http://spdxtools.sourceauditor.com
- If you want to test, make it clear that these are tests, to make clear in the pull requests
- Gary posting new version today http://spdxtools.sourceauditor.com
- Spec work
- Working for consistency in external identifiers
- Interest coming up from security community
- SWID
- NTIA conference that featured SPDX
- Working in interop and SPDX standardization
- Looking at spinning up a security subgroup
- Interest from US House and Senate in a SW BoM and SPDX is on the docket
- NIST and other organizations are involved in the background
Legal Team Report - Jilayne/Paul
- 3.2 is out
- Some clean up of old issues in process
- Request to that legal folks try out Tushar’s tool
- Exceptions
- The term is imperfect as it handles some items that are not “exceptions” per se
- Patent grants, for example
- Considering changing the term to be more neutral and inclusive
- “Modifiers” maybe?
- Will send an email to a wide audience get people thinking about it and set up a special meeting
- The term is imperfect as it handles some items that are not “exceptions” per se
Outreach Team Report - Jack
- Website
- Making more sense of the License List and Documents section
- Shane Coughlin, from Open Chain, is getting involved
- Outreach to companies
- New time for Outreach calls is 7pm EDT
- (Shane is in Japan)
- OSS Summit
- Backoff on the Tuesday
- And a session on Consuming SPDX
Attendees
- Phil Odence, Black Duck/Synopsys
- Ndip Tanyi, Alberta University
- Tushar Mittal, GSoC Student
- Gary O’Neall, SourceAuditor
- Yash Nisar, GSoC Student
- Jack Manbeck, TI
- Steve Winslow, LF
- Jilayne Lovejoy, ARM
- Paul Madick, Dimension Data
- Mike Dolan, Linux Foundation
- Matije Suklje, Liferay
- Mark Atwood, Amazon