- Bill Schineller
- Gary O'Neall
- Peter Williams
- Kate Stewart
zLib example discussion
Discussion on the whether the SPDX Doc is necessary. Led to a discussion on having the SPDX Doc contain multiple packages which led to a discussion whether we were constraining the model to a flat model. Decided to table the discussion for version 2.
Discussion on the file being associated to a package - Section 5.5 - need to have a property to associate the file with the package. Needed to have the RDF parse properly and to have the graph represent the file relationships properly
Discussion on non-standard licenses - should it be within the package or at the SPDX Doc level.
Three possibilities - "describes license" creates a separate license resource not associated with the SPDX doc or package; a property of the SPDX doc; property of the package
Discussed the pro's and cons of different approaches. Technically, all three approaches are similar in that the non-standard license will only be valid within the specific SPDX doc (and there is only one package per SPDX doc). Several people felt that the non-standard license should be associated with the analysis - perhaps leading to it being associated with the SPDX doc.
- Gary to writeup a proposal for hasFile belonging to a package (section 5.5)
- Peter to write up the alternatives for the non-standard licenses
- Kate to write up a proposal for field to be added for the validation of entire package