General Meeting/Minutes/2018-11-01

• Attendance: 6
• Lead by Phil Odence
• Minutes of Oct meeting approved

Tech Team Report - Kate/Gary

• Spec
  • SEVA discussions
    • Looking at fields that we might incorporate
      • Security
      • Evidence
    • Idea is to bring in as a separate section
    • Good Progress
  • Some discussions with NTIA Group as well
    • SWID
  • May start using the security mailing list soon
• Tooling
  • Multiple formats
    • Challenges solves
    • XML, JSON, YAML, Tag value, RDF
  • Attention back to updating tooling with spec
  • Some concern about file sizes with certain packages/formats
    • May simply be an issue of LOTS of files
  • Generating License List
    • Didn’t work perfectly
    • Giving another run
  • Updating tooling for license submittal/editing
    • A few bugs need to be worked around

Legal Team Report - Jilayne

• There’s a fair backlog of issues to work through
  • Ongoing process
• 3.3 Is out
  • Started new practice of release notes
• Tooling and new request system has to be nailed down
  • People are going through multiple paths/processes
  • Need to standardize
  • Tooling is close
    • Need a few more text fields
    • All submissions seem to come from Gary
• License inclusion guidelines
  • Inbound request regarding open hardware languages
  • Already included open data license
  • May need to revisit inclusion guidelines
• OSI discussion about naming issues with SPDX
  • Need to find opportunity for better collaboration

Outreach Team Report - All

• Seems to be a lot more use of SPDX in the wild than we are aware of
  • How do we run down and catalog?
  • Wonder if it’s time for another poll
    • Last poll results: https://spdx.org/sites/cpstandard/files/pages/files/spdx_survey_results_may_2013.zip

Attendees

• Phil Odence, Black Duck/Synopsys
• Kate Stewart, Linux Foundation
• Gary O’Neall, SourceAuditor
• Andrew Katz, Orcro
• Jilayne Lovejoy
• Steve Winslow, LF