THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Technical Team/Minutes/2020-06-16

From SPDX Wiki
Jump to: navigation, search

June 16, 2020

Attendees

  • Kate Stewart
  • Jim Hutchison
  • Thomas Steenbergen
  • Rose Judge
  • Nisha Kumar
  • Peter Shin
  • Steve Winslow
  • Gary O’Neall

Topics: Update on 2.2.1 GSoC SPDX Tools


SPDX 2.2.1

  • Spec available at https://spdx.github.io/spdx-spec/v2-draft/
  • Kate gave a quick overview of the changes made so far
  • Mostly renumbering, reformatting to ISO specs
  • A lot of external references were broken – changed to local references
  • All – Please review the 2.2.1 spec and open issues for any problems found
  • Overall structure is now in place – we can start basing our 3.0 work on the 2.2.1 work

GSoC

  • coding continues in Summer of Code.
  • Python expertise - active request for reviews. ** more bandwidth needed.
    • Kate will provide Daniel Beard intro to Philippe ang Gary to possibly help with the Python libraries
  • Rohit, Alexios, Gary - mentors for Community Bridge.

Serialization Formats

  • non normative changes to sample/examples for bugs in 2.2
  • Serialization formats outside of RDF/XML;
  • some different assumptions were being made.
  • Better to document this in the specification itself.
  • Approach and assumptions being made - examples applying.
  • Serialization examples and principles.
  • Bugs ok in 2.2.1 & enhancements `
  • Goal - use native format of JSON & YAML when possible
    • same vocabulary across all.
    • Exact case and spelling may differ due to different formats.
    • Stem of term would be consistent.
    • UML object model is abstract and not specific to any format.
    • Want JSON to look like “JSON” not something else.
  • Nisha: concern over incompatiblity with tool compatibility with different cases.
    • JSON allows plural forms on some array terms.
    • Singular to plural are not easy to code
    • Consistent casing structure.
    • Any tools that support more than one serialization format will have to deal with this.
    • Nisha: Question on the overall model.
      • Using RDF/XML document as source, but Alexios wrote a translator to standard OMG UML.
      • TODO: Annex C needs to be updated from RDF —> UML Object Model; and include the diagram from Alexios.

https://github.com/spdx/spdx-spec/blob/development/v2.2.1/ontology/SPDX-2.2-Simplified.png

  • Agreed on the following guiding principles for the different serialization formats
    • Consistent vocabulary across format
    • Consistent object model across formats (where feasible)
    • Serialization formats are optimized to for the formats (e.g. JSON will look natural to someone familiar with JSON)
  • We will document the different serialization formats in the spec in 3.0 in a similar fashion to tag/value and RDF/XML
  • We will add JSON and YAML examples to 2.2.1 or a 2.2.2 version of the spec depending on timing

Next Week’s Agenda

  • June 23 - Security - Thomas “unblock thomas"
  • June 30 - Cancelled.
  • July 7 - BASE 3.0 - William
  • July 14 - Licensing Profile - Steve