THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

General Meeting/Minutes/2010-09-09

From SPDX Wiki
Jump to: navigation, search

Administrative

Agenda

  • Attendance - 19
  • Approval of minutes - Pending til next meeting
  • Outreach and evangelism:
    • Common Messaging/Presentation – PhilO
    • Industry Venues – PhilR
    • Website – PhilO/MartinM
  • Rollout- KimW

Common Messaging/Presentation

PhilO reported that he'd updated the presentation. He's added a slide describing to people why they should participate; he and Kim will update in the context of her OWF presentation.

Industry Venues

PhilO reviewed process for new participatns

Website

PhilO walked through changes implemented to make how to participate more obvious. There are pointers to where to sign up and get on the mailing list from every major tab.

Rollout

Kim described the motivations for, approach to and elements of the rollout that will require work. There's a fair amount to be done, but it is now well framed. There will likely be a different thread of meetings on rollout issues (vs. spec completion) starting after a face to face meeting in mid-November. Some of the areas that need work would benefit from skills from outside the current group, so please think about others in your organization that might help.

Issue Tracking

We agreed that we should implement an issue tracking system for spec issues. We can use Linux Foundations Bugzilla. Peter Williams agreed to drive and administer with help from Marshall.

Action Items

  • PhilO/Martin - Update on participation page where to join (suggestion was to put link in text, not just at top, consider "I want to use the spec, vs. I want to contribute to the spec" in navigation section. DONE
  • Kate- Transfer document (.pdf) back to WIKI. IN PROCESS
  • PhilO- Update standard presentation with LinuxCon2010 input DONE
  • Kate- Clean up the sharing analysis to what is accurate. IN PROCESS
  • Kate- Publish the current version number of the specification in brackets behind reference DONE
  • Kim/PhilO- Add and element of 'What's in this for me?" to presentation DONE
  • JeffL (w/Bill/Gary- Update zlib based on new specification IN PROCESS
  • All- Look for new examples to add to site. IN PROCESS
  • PhilK- Explore possibility of LF hosting source for SPDX tools. DONE.
  • Gary- Explore other possible hosting options. DONE.
  • PhilO- Start making minutes available via link. DONE
  • BillS- Start up RDF sub-group. Solicite members. DONE

New

  • KimW- Sent rollout slides to mailing list
  • RDF Group- Work out syntax for 5.6/5.7
  • Bill S- Add Ed W to the RDF group
  • Kate- Track and (when Wiki is back up) implement changes described in Spec section below.
  • PeterW- Implement issue tracking system.

Technical

Agenda

  • Spec current status and open areas- Kate
  • RDF Focus Group update - Bill
  • Tools update - Gary
  • Issue Tracking

License Discussion

As there has been a lot of discussion of licenses on the mailing list (decoupling from spec, etc.), we decided to have a separate session dedicated to that discussion. Kate will be hosting on Thurs, Sept 16 at 12:00 EDT (one hour later than our normal.) Invitation and agenda to be sent out early next week.

Specification - Current Draft 20100806

No changes have been implemented since the beta release as we are working through some formatting issues getting the .pdf back into Wiki form.

Additional Fields: 5.6/5.7 We picked up on the discussion from the maillist of adding 5.6/5.7 fields to the file section which would designate the name and URL of the package from which a file is known to come. There was agreement that we should go ahead with this in concept and that the RDF group would work out the syntax.

Revisit 3.3 To deal with the recursive problem (wanting to include the SPDX file in a package but also wanting it to include a SHA-1 for the package) there has been a proposal based off of the SHA-1s of all the other files in the package. Kate is looking for others interested in this, to brainstorm with as to algorithms to generate this new package level checksum. We got into a discussion of "unique identifier" vs. "validator" and it became clear our nomenclature needs to be cleaned up to indicate that this is a validator and not an identifier. Someone proposed "Package Check Sum" as the name of the field and there was agreement. Kate will clean up the language requested more discussion on the maillist of the technical approach.

Appendices- The RDF group identified the need for an ontology and an XML schema appendix. Place holders for these will be added to the WIKI.

RDF Group

There was a good kickoff meeting last Thursday. Most of the discussion was about approaches and concerns. Both an ontology and a schema are to be the targeted outputs from this subgroup. Bill has since found a collaborative ontology site that will be useful in the development.

Tools & Infrastructure

Linux Foundation has agreed to make the source code revision infrastructure (git based) available to SPDX tools. There will be a meeting next week between Gary, Ibrahim, Kate to discuss the logistics in more details. The first project will be Gary's Pretty Printer (which has components that can be reused in other projects).

Request was made on the list for an issue tracker. Current mechanism is a WIKI, but it was felt something more formal would give us better history. After group discussion and the willingness of Peter to volunteer to adminster it (thanks Peter!), we will be looking at setting up a bugzilla system. Options on where it can be hosted (linux foundation?), will be investigated by Kate. Goal would be that this could be used for the SPDX tools as well.

Attendees

  • Gary O'Neall, Source Auditor
  • Daniel Germain, U of Victoria
  • Marshall Clow, Qualcomm
  • Peter Williams, OpenLogic
  • Kim Weins, OpenLogic
  • Kate Stewart, Canonical
  • Ed Warnicke, Cisco
  • Ann Thornton, Freescale
  • Alan Stern, Cisco
  • Phil Robb, HP
  • Tom Incorvia, Micro Focus
  • Phil Koltun, Linux Foundation
  • Mark Gisi, Wind River
  • Jeff Luszcz, Palamida
  • Pierre Lapointe, NexB
  • Esteban Rockett, Motorola
  • Philip Odence, Black Duck Software
  • Eric Weidner, OpenLogic
  • Dave McLoughlin, OpenLogic