Legal Team/Minutes/2015-10-15

From SPDX Wiki
Jump to: navigation, search

Attendees

  • Jilayne
  • Kris
  • Dennis
  • Phil
  • Alan
  • Gary
  • Brad
  • Kate
  • Mark

Agenda

1) LinuxCon Europe update:

  • A Beautiful Build, Bradley Kuhn - helpful advice and tips on how to meet the “complete corresponding source” requirement of GPL. slides not posted yet, but will be here: http://ebb.org/bkuhn/talks/ - talk was recorded, so may see it on Linux Foundation YouTube channel
  • FOSSology - X-Ray for Software, Michael Jaeger - Overview FOSSology, an open source license scanning tool, with a demo of upcoming 3.0 release changes. FOSSology was developed by HP and is now being transferred to the Linux Foundation. Siemens has been very active in the transition and development. The new features are very exciting, including SPDX 2.0 generation. (Contributions welcome!) - should see v3.0 available any day now.
  • Developer's Care About the License, Jilayne - had a really good turnout! (50-60 people) and only 3 people raised their hands that didn’t know anything about SPDX. Slides can be found here: http://events.linuxfoundation.org/sites/events/files/slides/DevelopersCare_JLovejoy_LinuxConEu_2015_final-static.pdf - talk was recorded, so may see it on Linux Foundation YouTube channel
  • Supply Chain Mini-Summit - update from Kate:
    • overview of SPDX and OpenChain by Phil and Dave Marr
    • talk on Debsources by Stefano from Debian, see slides here: http://upsilon.cc/~zack/talks/2015/20151008-lf-debsources.pdf
    • talk on Dosocs by Uday from UNO, see project here: https://github.com/DoSOCSv2
    • Some work on OpenChain and Miriam from JBB explained and showed a demo of FOSS management web-based questionnaire for suppliers
    • free-form talk and brainstorming in afternoon. Will probably organize another session focus on tooling in spring, so keep an eye out for that


2) Improving templates / markup for licenses see: http://wiki.spdx.org/view/Legal_Team/Templatizing

  • we can always add more markup, but want to first consider if we improve the markup - function and/or form
  • lots of discussion on technical aspects of this
  • high-level questions are:
    • what is use case of goal of markup? original goals, use-cases: comparing two licenses to determine if it is a match & comparing any text to entire list to see if there is a match to any license. We prioritized the former, thinking there was already tools for the latter. matching guidelines purpose, as stated, does not really specify which use case it is aimed at (but could be interpreted as either or both)
    • should we extend markup to cover more of the latter goal?
    • if so, what format should this take?
      • can use or not use regular expressions or XML. if we switch to XML format, changes work flow of maintaining license list
    • if we make this change, will it get uptake?
  • markup on licenses or markup in meantime (e.g., standard headers)? probably okay to do so, as can simply convert

Agreed on following process for proposal and discussion:

  1. Kris to do proposal and example (on wiki)
  2. have discussion on next legal call on Oct 29 - invite tech team, make sure FOSSology folks, Sam Ellis can join also
  3. then go from there, but as to overall timing - would be good to line up for v2.1 aiming to have that ready for Collab Summit (end of March). Note: Kate is working on getting a room for SPDX working group for a full day at Collab Summit, so put it on your calendars!! http://events.linuxfoundation.org/events/collaboration-summit