THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Technical Team/Minutes/2020-06-23

From SPDX Wiki
Jump to: navigation, search

June 23, 2020

Attendees

  • Kate Stewart
  • Thomas Steenbergen
  • Rex Jaeschke
  • Takashi Ninjouji
  • Karsten Klein
  • Rose Judge
  • Nisha Kumar
  • Steve Winslow
  • Gary O’Neall

Topics: Update on 2.2.1

SPDX 2.2.1

  • Spec available at https://spdx.github.io/spdx-spec/v2-draft/
  • Nearly complete
  • Rex provided an overview of the current state
  • Tables are now number
    • Need to add to the release checklist to renumber the tables before release
  • HTML tables styling was added
    • Thomas requested the styling be put in CSS rather than inline
  • ISO process may take up to a year
    • 3.0 may well be ready to release at the time 2.2.1 is ISO approved
  • Reviews for 2.2.1 – comments due by Tuesday 30 June
    • Preference to pull requests or add issue
    • File issue in the spec tagged with 2.2.1
  • SPDX 2.2 ontology diagram need to update to 2.2.1 in section 5.1
  • C.1 data model needs to update to 2.2.1
  • D.1 grammar needs to go in a code block
  • Gary will add a PR for the definitions section 3.x

SPDX as a Package Manifest

  • Thomas added issue #439
  • Minimal version of SPDX that can be included in the root of a directory for code that does not use a standard package manager (e.g. C/C++ projects that use makefiles)
  • What do we use for the document namespace?
  • What if we want to add a PackageVerificationCode or have FilesAnalyzed=true?
  • Could it be applied to Go binaries?
  • Can we use SPDX lite?
    • Different use cases, are the fields the same?
  • This will not be an additional section of the spec, but more guidance to the users of ORT
  • Thomas also worked on an example for 3.0
    • An issue and PR will be added to the spec

Next Week

  • No call next week due to Linux conference North America