General Meeting/Minutes/2018-05-03

From SPDX Wiki
Jump to: navigation, search
  • Attendance: 12
  • Lead by Phil Odence
  • Minutes of April meeting approved

Guest Presentation, Automating Governance with SPDX- Yev Bronshteyn

  • Variant on Leadership Summit Presentation
    • Don’t need to define SPDX
    • Will show product for illustrative purposes
  • Governance Today
    • Different formats for BoMs
    • Challenges
      • Manually updating
      • Compliance Management
      • Requires consistent tooling
  • Goals using SPDX
    • Automate BoM
    • Automate Reporting
    • Single format
  • Illustration
    • Replace disparate BoMs with SPDX versions
    • Load into a single data store (example Apache Jena Fuseki
    • Query with Sparql
    • Demo
      • Aggregating multiple BoMs
      • Committing change to GItLab
      • CI/CD- Build and Scan
      • Generate new SPDX doc for changed project
      • Sparql queries
        • Policy checks
      • Voila

Tech Team Report - Kate/Gary

  • Working on outstanding requests for 2.2
    • License expression features
    • Handling cases of annotations and extensions to address
  • 2.1.1 pdf
    • Wrestling with tools a bit
  • GoSoC
    • Students and mentors in place
    • Should be hearing from students during community bonding period
    • Projects lined up
    • Will present during General Meetings

Outreach Team Report - Jack

  • LinuxCon Vancouver
    • Trying to organize “back off” day before event starts
  • Website:
    • Still waiting on LF for moving Website to Wordpress
    • Content
      • Looking at a variety of ways
      • Looking at audio/video recordings
        • Could include monthly talks
        • Yev volunteered to do his
    • Looking for more people involvement in OTeam

Legal Team Report - Paul

  • Released latest rev of license list
    • Kudos Jilayne and others
  • Working out how to manage license submissions in new world
    • GoSoC student working out automation


  • Phil Odence, Black Duck/Synopsys
  • Matthew Crawford, ARM
  • Yev Bronshteyn, Black Duck/Synopsys
  • Steve Billings, Black Duck/Synopsys
  • Gary O’Neall, SourceAuditor
  • Dave Marr, Qualcomm
  • Jack Manbeck, TI
  • Kate Stewart, Linux Foundation
  • Steve Winslow, LF
  • Paul Madick, Dimension Data
  • Matije Suklje, Liferay
  • John Scott, Ion Channel