THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Legal Team/Minutes/2018-11-01

From SPDX Wiki
Jump to: navigation, search

Attendees

  • Jilayne Lovejoy
  • Steve Winslow
  • John Horan
  • Dennis Clark
  • Philippe Ombredanne
  • Andrew Katz
  • Brad Edmondson
  • Gary O’Neall
  • Paul Madick
  • Kate Stewart

Agenda

1) 3.3 is out and new RELEASE NOTES have been added to the repo, see: https://github.com/spdx/license-list-XML/blob/master/RELEASE-NOTES.md - feedback?

  • include: list of new licenses/exceptions, any other major changes, link to PRs, link to comparison from last version to new version (no need to go into further detail)
  • should we also repeat this info on release page, e.g. https://github.com/spdx/license-list-XML/releases
  • going forward, Gery to add to workflow for license list release, will need to write release notes in .md file before tagging release

2) new license submission process:

  • want to use new license submission tool but need to add a few features: add yes/no question about submitting to OSI; add yes/no as to whether they are license author/steward; change “notes” to “comments”
  • still have issue where all new issues show as coming from Gary: to fix this, would have to require submitter has Github account or could create a dedicated service account (username like SPDX-license-submission)
  • where should discussion happen for license submission - Github or email list? if Github, then have to require Github ID. Everyone agreed that discussion should be on Github issue and move away from email
    • concern that we may lose some license submitters who don’t use Github, can still let people use email, then log issue, and then email them to let them know it’s being tracked there, which anyone can view
  • need to add note that submitters must respond to questions and if don’t after certain period of time, then submission will be closed. Maybe tie to release cycle. This also means we need to be better at our cadence of submissions.
  • do we need to discuss all license submissions on call or can we process otherwise? how do we come to consensus or quorum via Github issue?
    • if two lawyers and one non-lawyer sign off that it’s acceptable to add AND no objection from greater community, then we don’t need to discuss on call/ can add. Give people a week to raise any objection after trio sign-off. If objections, then discuss at meeting
  • need to get tooling updates first, then can implement this workflow

—> JL to PR Contributing page with recommendations from this call - everyone can review - DONE

2) Next call on Nov 15th is cancelled, actual next call will Nov 29 - scheduled to talk GPL Cooperation and Linux enforcement statement

  • look for email with more info on that topic in advance, so we can have a productive call on the 29th

3) License list overview page, which includes license inclusion guidelines: needs to be reviewed and updated generally, as well as consideration for adding hardware and data. This is a webpage only, so now good way to track/review changes

  • add HTML for overview page to repo, so can track changes there, same for matching guidelines; add comment at top explaining what the page is/where it lives
  • then can make recommendations for changes that can be reviewed
  • add link at bottom of page to repo for history of page changes
  • --> JL to put two files in own folder, called docs, with README explaining what these are - DONE

—> also noted that a write up history of SPDX License List and inclusion guidelines would be helpful. Turns out, we do have part of this here: https://wiki.spdx.org/view/Legal_Team/Decisions/Inclusion_Guidelines_(Background) - maybe just add to this?