https://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2019-12-05&feed=atom&action=historyGeneral Meeting/Minutes/2019-12-05 - Revision history2024-03-29T07:53:53ZRevision history for this page on the wikiMediaWiki 1.23.13https://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2019-12-05&diff=4762&oldid=prevPodence: Created page with "* Attendance: 10 * Lead by Phil Odence * Minutes of Nov meeting- Lightly attended, no minutes kept == Tech Team Report - Kate/Gary == * SPDX 2.2 ** moving on pull requests..."2019-12-05T16:29:08Z<p>Created page with "* Attendance: 10 * Lead by Phil Odence * Minutes of Nov meeting- Lightly attended, no minutes kept == Tech Team Report - Kate/Gary == * SPDX 2.2 ** moving on pull requests..."</p>
<p><b>New page</b></p><div>* Attendance: 10<br />
* Lead by Phil Odence<br />
* Minutes of Nov meeting- Lightly attended, no minutes kept<br />
<br />
<br />
== Tech Team Report - Kate/Gary ==<br />
<br />
* SPDX 2.2 <br />
** moving on pull requests being merged/included.<br />
** Tools for generating Multiple formats being tested (help welcome). <br />
* SPDX 3.0 <br />
** Identifying a common base (based on some of NTIA framing work) with specific profiles (licensing, security, pedigree, provenance, export) <br />
** SPDX 2.2 would be a base+licensing profile. <br />
* Related Groups<br />
* OMG including part of the SPDX models, people regarding as a point to add security information. <br />
* NTIA phase 1 documents are published at https://www.ntia.gov/sbom (SPDX is a recognized format there).<br />
* NTIA phase 2 workgroups are forming, and there will be one on "formats & tooling” (which will feature SPDX tools ;-) ) those interested in participating in discussions on tooling and how to use tools are welcome to subscribe at: https://lists.linuxfoundation.org/mailman/listinfo/ntia-sbom-formats<br />
<br />
* Tools<br />
** nothing beyond above, mostly testing new formats<br />
<br />
== Legal Team Report - Paul/Steve ==<br />
<br />
* Fairly quiet this Q, lighter participation<br />
** 3.8 release will be light on new licenses<br />
* Reviewing and updating license inclusion guidelines<br />
** Should end up with broader inclusion at some level<br />
*** particularly for non-OSS licenses that include making source available<br />
** Good legal/tech team collaboration on 3.0<br />
*** One key topic is the license for the docs<br />
**** Currently CC0<br />
**** This has raised some concerns<br />
**** Dredging up historic rationale<br />
<br />
<br />
== Outreach Team Report ==<br />
<br />
* Survey reminder went out.<br />
** End of year down line. <br />
* Pushing Jan meeting to 1/9. <br />
<br />
== Cross Functional - ==<br />
<br />
* None<br />
<br />
== Attendees ==<br />
<br />
* Phil Odence, Black Duck/Synopsys<br />
* Steve Winslow, LF<br />
* Gary O’Neall, SourceAuditor<br />
* Mark Atwood, Amazon<br />
* Paul Madick<br />
* Alexios Zavras, Intel<br />
* Dave McLoughlin, Flexera<br />
* Rose Judge, VMware<br />
* Michael Herzog- nexB<br />
* Philippe Ombrédanne- nexB<br />
<br />
[[Category:General|Minutes]]<br />
[[Category:Minutes]]</div>Podence