THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Technical Team/Minutes/2020-05-19
From SPDX Wiki
May 19, 2020
Contents
Attendees
- Jim Hutchison
- Rex Jaeschke
- GogginsS
- John Mudge
- Nisha Kumar
- Steve Winslow
- Kate Stewart
- William Bartholomew
- Gary O’Neall
- Rose Judge
- Takashi Ninjouji
- Santiago Torres
- Peter Shin
- Vicky Brasseur
- Thomas Steenbergen
- Rishabh Bhatnagar
SPDX 2.2
- Question on how to submit new features beyond 2.2
- Consensus to add issues in Github
- SPDX 2.2 wrap up - status of .pdf generation, next steps
- Kate & Gary - follow up, still some issues outstanding.
SPDX 2.2.1
- update from Rex
- A new numbering scheme
- An appendix will be added to translate from the old to new numbering
- John gave an update on new format
- Line breaks discussion
- Thomas recommended line breaks be made post production rather than explicitly
- Agreed to not add explicit line breaks
- Discussion on changing Intent to Description
- Agreed to change to Description
- Possible issue with the word Example
- May have to change to a different word such as sample
- Thomas raised an issue with changing to sample
- Embedded HTML in the examples may cause issues
- Suggest removing the HTML except for anchors
- May also be an issue with 3.0
- Major issues have been resolved
- Expect to have a list of remaining issues by the end of the week
GSoC
- Anisha, Rohit & Gary - had call, researching alternatives
- Rishab, Steve & Gary - golang, discussion
- Philip - Kate, Santiago & Philippe - pending
- Tenjong - license cross ref, already engaging.
- reasonable activitity on gitter.
- Bringing back one of student proposals through community bridge, update June 1.
Automation for the Spec
- Level of Automation for 3.0
- OWL document —> Schema’s work —> Sample code, etc.
- Two sources of errors: tools doing translations, copy paste error
- Can we look at automating the creation from everything from one source of record.
- Having mark down be the source of record.
- Automation Proposals:
- Pick a source of record, everything else is automated from there.
- Diagram - how can this work with markdown.
- Possibly not include generated artifacts in repo.
- Could be added into a github action to generate diagram. Not store in repo itself, since its generated.
- Everytime PR, get new OWL document
- William’s diagrams are already generated by plugin
- Software generate example files, and then they are included in markdown.
- Concern: How fragile are the tools?
- Gary - will handcode in Java, specific to SPDX. Subsection & schemas. Tool dependency.
- Thomas - Companies do this, but we need to make sure.
- Sections will have to be very much tied to the formatting.
- Breaking formatting may break build. PR requested via breaking build. More of burden for submitters.
- Nisha, Kate, William, are a favor in trying this.
- Gary looking for collaboration on the tools. Nisha & Rose willing to work with Python.
- Gary ok to do it in Python, if Rose able to help out here. Separate Sync up in 2 or 3 weeks.
- William ok mentor. Thomas ok to review.
- Revisit in 3 weeks - status of tooling
SPDX 3.0
- How do we submit proposals for 3.0?
- Use Github Issues
- Proposal to add Github labels for the profiles
- Add Tech Team review as a label to schedule a call
- Annotations and/or Relationships have YAML samples for review
- Kate will help with the examples
- Suggest we start a mapping spreadsheet
- Kate will start the sheet
- Wait for 2.2.1 template completion from John
- After template, William will create 3.0
- Need a way to specify which profiles are in effect
- Suggest adding a field to the base
- Base is always listed, additional profiles are also listed
- Defer versioning
- Discussed if you can use fields from other profiles
- OK to re-use fields from other profiles
- Profiles define which fields are mandatory
- To be further discussed
Next Week’s Agenda
- Thomas to lead discussion on Security profile
