Difference between revisions of "Technical Team/Minutes/2020-08-04"

From SPDX Wiki
Jump to: navigation, search
(Created page with "August 4, 2020 == Attendees == * Kate Stewart * Thomas Steenbergen * William Bartholomew * Steve Winslow * Gary O’Neall * Rose Judge * Peter Shin Topics: * SPDX 3.0 Docume...")
 
(SPDX Online Tools Web Application)
 
(One intermediate revision by the same user not shown)
Line 20: Line 20:
 
* Some issues with communications
 
* Some issues with communications
 
** Rishabh has been keeping a log on Google Docs which is a good practice
 
** Rishabh has been keeping a log on Google Docs which is a good practice
** Kate will  
+
** Kate will suggest on gitter that all students adopt this practice.
  
 
==SPDX Online Tools Web Application==
 
==SPDX Online Tools Web Application==
 
* Funding goal for the SPDX online tools was achieved through community bridge
 
* Funding goal for the SPDX online tools was achieved through community bridge
 
** Enough funding for 14 months of hosting
 
** Enough funding for 14 months of hosting
 +
** A big Thank you to all supporters!  https://funding.communitybridge.org/projects/f0e320d6-9c86-4656-ad4d-97842f25b124/financial
 
* See meta issue for current status and progress https://github.com/spdx/spdx-online-tools/issues/199
 
* See meta issue for current status and progress https://github.com/spdx/spdx-online-tools/issues/199
 
* Request to add SPDX document – see issue https://github.com/spdx/spdx-online-tools/issues/209
 
* Request to add SPDX document – see issue https://github.com/spdx/spdx-online-tools/issues/209

Latest revision as of 17:27, 5 August 2020

August 4, 2020

Attendees

  • Kate Stewart
  • Thomas Steenbergen
  • William Bartholomew
  • Steve Winslow
  • Gary O’Neall
  • Rose Judge
  • Peter Shin

Topics:

  • SPDX 3.0 Document Structure
  • GSoC Update
  • SPDX Online Tools
  • Security related – LF security

GSoC Update

  • All students passed
  • Some issues making good progress on the generating Java code from XSD – more complex than we originally thought
  • Some issues with communications
    • Rishabh has been keeping a log on Google Docs which is a good practice
    • Kate will suggest on gitter that all students adopt this practice.

SPDX Online Tools Web Application

SPDX Document Structure

  • Update to model
    • Added name to Artifact
  • Document proposal to break down into clauses
    • Constrained by ISO to not having sub-sections or clauses
  • Structure on subclasses
    • Suggested we having a naming standard for the clauses that indicate the subclasses
  • Structure
  • Moving external document references to the linking profile
    • Concern about requiring all the requirements of linking profile
      • Possible 2 profiles, one for document linking and a stronger one for InToto
    • Concern about having required information for being able to link to a document
      • General agreement
      • Would like to simplify the approach language
      • Several possible solutions including the PURL
    • SPDX Lite – should it be part of licensing or separate profile?
    • Suggestion to introduce pre-requisite profiles

Next Week

  • Continue discussion on container SBOM relationships
  • Aug 11 Legal profile