Technical Team/Minutes/2019-07-16

From SPDX Wiki
Jump to: navigation, search

July 16, 2019


  • Steve Winslow
  • Gary O’Neall
  • Alexios Zavras
  • Krys Nuvadga
  • Paul Madick
  • Philippe Ombredanne,
  • Rohit Lodha
  • Tanjong Smith
  • Vladimir Sitnikov
  • Uday Korlimarla
  • Kate Stewart


Recording available at


  • Tanjong - promotion to license repository method, questions and suggestions welcomed for the namespace repository.
  • Tushar - some suggestions about code give
  • Uday and Philippe – Ndip has made good progress so far, shared info about data stats. Working prototype is there. Ndip - dealing with flooding.
  • Rohit - student is a bit behind, but seems to be catching up.
  • Philippe - ahead of schedule for original plan. Working on enhancements to python library.
  • Krys - .pdf/html documentation - students making good progress. Internal links in .pdf now work. Natish working on language conversion, but some snags. Wordpress library plugin template going well.

Tech and Legal SPDX call

  • Workflow: Monitoring issues – bot teams monitor both sets of issue?
    • Recommend subscribing both, tagging technical issues in legal, and visa version.
  • Use filter listed of topics from tags.
  • This call will be used for figuring out from the filtered list.

Legal team issue to discuss with tech team

  • We have short form identifier format for licenses in source code.
  • Should there be something similar for copyright notices. No prescribed format, but here is a prefix that can be used to find them. FSFE reuse version has proposed “SPDX-Copyright:”, lengthy discussion in github Concerns from legal side, implying that SPDX has a copyright in it, or the format is recommended by SPDX, and other things that the legal team was ok with. More comfort to the exact tag used in SPDX specification - SPDX-FileCopyrightText: <copyright notice>
  • Instructs someone reading the code that plops into the specific name.
  • Call - one way to add SPDX information inside files - then use exact tag name as defined in the spec.
  • Philippe: concerns about asking for structured copyright information is only value of adding SPDX-Copyright.
  • Steve: Legal concern does not want to prescribe one format over another, so not sure that SPDX project should be doing this.
  • Philippe: Don’t see why we shouldn’t follow

Since change is lets do it right, regex, any generic is fine. Broader discussion.

  • Vladimir: could SPDX-Copyright:… reference a file?
  • Gary: If the FileCopyrightText is in an SPDX document, it could reference a file. For this proposal, the tag would be in the file itself. Tools could then generate a valid SPDX document from the source file parseable information.
  • SPDX-Fieldname:value - will have some places where it won’t make sense.
  • Does it make sense to indicate which ones actually make sense?
    • Alexios - just an indication want to share information, rather than authorative.
    • Gary - makes sense to go through the specific level fields, does this field make sense. The follow are ones that have been discussed and may be in use.
    • Probably a good idea to make up a table. Explain why not identifer, checksum, etc.
  • Agree to put Files & Packages fields, and put information in table on the ones that make sense, and an explanation of for the ones that don’t.

Namespace topic

  • reviewed GSoC project
  • need to be registered vs -. do not need.
  • possibly make a fully currated for the registered list.
  • Do we have fully uncurrated - first come, first serve, be their name on official list of spdx list promoted registry.
  • Philippe - understand legal concern, but intent is just to have known strings being used as prefix. With ok with no registry.
  • Gary - project proposal was already agreed by technical and legal. Change nature of considerations to what can we do to make this sucessful, and implementable processes.
  • Alexios - separate registry of namespaces from registry licenses. Don’t see this easy to be automated - we need namespace registry.
  • Gary follow up call? Yes, proposing when Legal team spot would be this thursday.
  • Philippe willing to pilot namespaces about Namepace for ClearlyDefined & ScanCode.