General Meeting/Minutes/2014-11-06

• Attendance: 15+
• Lead by Phil Odence

• Minutes of October meeting approved

Cross Functional Issues, Special Presentation from Polarsys – Phil

• Presentation from Polarsys COTSAQ project http://polarsys.org/proposals/cotsaq
  • OSS tool for managing software BoMs
  • SPDX connections
    • First will use SPDX License List
    • Connecting with code scanners through SPDX

Biz Team Report - Jack

• Last call cancelled. Call in an hour.
• Current focus is revamping the website homepage to guide new users

Legal Team Report - Jilayne

• Working through 2.0 task list
• Syncing with tech team schedule for release
• Cross team topic- Standard Header field in list that applies to a subset of licenses (e.g. GPL, Apache)
  • Proposal is to remove the field as it becomes problematic with 2.0
  • Notice will go out to tech team/legal team

Tech Team Report - Kate

• Fleshed out external SPDX document reference syntax. (currently sec 3.5, but may spin off to own section) and working on self reference (2.4)
• Finishing off clarifying examples for relationship references (sec 8)
• Extended the recognized checksums to include SHA256, MD5 (sec. 4.9, 6.4)
• Decided to start off separate spec for inline references rather than include it in Appendix.
• What's up for this month...
  • Gluing it all together and making available for other reviewers
  • Near term schedule: Draft Nov 14, feedback by Dec 1.

Attendees

• Phil Odence, Black Duck
• Kirsten Newcomer, Black Duck
• Pierre Lapointe, nexB
• Gary O’Neill, SourceA
• Mark Gisi, Wind River
• Scott Sterling, Palamida
• Matt Germonprez, UNO
• Jilayne Lovejoy, ARM
• Jack Manbeck, TI
• Mike Dolan, Linux Foundation
• Paul Maddick, HP
• Michael Herzog, nexB

• Pierre G, AirBus
• Others from project COTSAQ