General Meeting/Minutes/2021-09-02

From SPDX Wiki
Jump to: navigation, search
  • Attendance: 26
  • Lead by Phil Odence
  • GSoC Presentation was postponed

SPDX Governance - Phil

  • Intro -Phil
    • GOAL of today: Consensus  
    • Background
      • About 8 years ago, we put in place a governance structure for SPDX.
      • Factors
        • ISO standardization- near to announcing
        • Executive Order
        • More participation from comm members with standards body experience
        • Working with other standards, i.e. SWID and CycloneDX
    • Goal of Change - retain spirit and ways of working
      • more accurately reflect the current reality and future direction of the project
      • establishing a mechanism for official company membership in the project
      • using contribution processes and a license for the spec that ensure explicit patent license 
commitments from contributors
      • improving clarity around decision-making processes and establishing an appeals process
      • adopting a code of conduct
    • Solution - Steve to explain further
      • Legal Entity creation- switched from JDF to a much simpler
      • Retained Community Specification model
  • Review of pdf Summary - Steave
    • Legal Entity
    • Membership Agreement
    • Community Specs process and license
  • Q&A/Discussion
    • Various clarifications
    • Code of Conduct
      • Agreed that under new structure it could, if need be, be modified in the future
    • Possibility of Dual-licensing Spec
      • Agreed to not address at this time
  • Resolution
    • Consensus reached
    • ...unless significant concerns were raised on the General Mailing List within a day of so of the meeting's close


  • Phil Odence, Black Duck/Synopsys
  • Sebastian Crane
  • Joshua Marpet, RM-ISAO
  • Mike Nemmers
  • William Cox, Synopsys
  • Andrew Jorgenson, AWS
  • Bob Martin, Mitre
  • Philippe Emmanuel Douziech, CAST
  • Alexios Zavras, Intel
  • Marc Etienne Vargenau, Nokia
  • Jilayne Lovejoy, Red Hat
  • Steve Winslow, LF
  • Mike Dolan, LF
  • Mark Atwood, Amazon
  • Gary O’Neall, SourceAuditor
  • Paul Madick, Jenzabar
  • Jeff Schutt, Cisco
  • Vicky Brasseur, Wipro
  • Warner Losh, FreeBSD
  • Zach Hill, Anchore
  • Pierre Tardy
  • David Edelsohn, IBM
  • Maximilian Huber, TNG
  • Bill Jaeger
  • Michael Mehlberg, Dark Sky Technology
  • Henk Birkholz, Fraunhofe