General Meeting/Minutes/2012-11-29

From SPDX Wiki
Jump to: navigation, search
  • Attendance: 11
  • Minutes of Nov 1 meeting approved.
  • Lead by Phil Odence

Special Report on Open Compliance Summit, Japan - Adam

  • Overview
    • End of October. Great Event in General.
    • Surprising amount of awareness/interest in SPDX to help with recruitment
    • Adam/Mark Gisi (Windriver) pulled together a come all SPDX info meeting to help with recruitment
    • Chatham House rules, so sharing but no attribution of comments
  • Unscheduled Roundtable
    • Pulled together at last minute for end of first day
    • 12 participants (surprisingly high)
    • Lots of interest and awareness. According to Adam, "the concept of SPDX sold itself)
    • Continued discussion with a number of participants the next day
  • Flavor of discussion/inquiry
    • Caution/Concern
    • Fear of Unknown
    • Language Issue
    • Fear of obligation- Worry that signing up is somehow a big commitment
  • Concerns
    • Language Issue
      • More written materials would really help
      • English is OK (for written stuff) but looking for "User Manual" level documentation
      • The language of the Spec itself is difficult for non-English speakers
    • Seems Complicated
      • But MarkG was able to make folks understand it's not really
      • So a simple, written explanation would really help
      • Specific interest in understanding mandatory v. optional; what's the minimum
      • Kate had similar experience at U of Nebraska - Concern about complexity that went away after simple explanation.
      • So, all this is s general issue, but answer for Japan has to be written doc due to language.
    • Obligation
      • Concern that if you touch SPDX, you have to overhaul your entire compliance operation
      • Need to help folks understand, it's just a format and can fit your processes; it's a spec, not a business method
  • Current State
    • A number of companies we didn't even know were aware are piloting internally
    • Some of these are not even on any mailing lists
  • How we can help
    • Written, user level doc
    • Help people understand how to dip a toe in
    • Lots of interest in understanding how to be just a consumer

Business Team Report - Jack

  • Met with Matt and team at U of Nebraska
    • Good progress with adding SPDX output capability to FOSSology
    • Turned up some issues with the existing tools which Gary is looking into
    • Discussion about creating tools for consuming SPDX
    • Looking at integrating with Git and Jack envisions an Eclipse-like plug-in framework
  • Team understands need for a consumer guide- we need a resource to take that on
  • After first of year need to start planning F2F at Collboartion Summit
  • Steve Cropper is driving the idea of creating a model supply chain with different participants exchanging and compiling SPDX files.

Tech Team Report - Kate

  • Working on Modeling different approaches
  • Testing against use cases
  • Anticipated slowness due to holiday and as well as Ed's being somewhat tied up

Legal Team Report - Jilayne

  • Anticipating downtime over holidays.
  • Finishing up FSF license list additions to be included in LL 1.17
    • Should be by end of year
    • Represents 30-40 new licenses
  • Recent discussion has been about criteria or "filter" for license adds wiht a small group; needs broader input
  • Next meeting will discuss 2013 priorities

Cross Functional Issues – Phil

  • Web Site Update - Jack
    • Framework is in place
    • Getting feedback from Core Team


  • Phil Odence, Black Duck
  • Jilayne Lovejoy, OpenLogic
  • Kamyar Emami, Protecode
  • Gary O'Neill, SourceAuditor
  • Kirsten Newcomer, Black Duck
  • Jason Buttura, Cisco
  • Pierre Laponte, nexB
  • Kate Stewart
  • Jack Manbeck, TI
  • Adam Cohn, Cisco
  • Scott Lamons, HP