THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Technical Team/Minutes/2010-11-30

From SPDX Wiki
Jump to: navigation, search

Attendees

  • Bill Schineller
  • Gary O'Neall
  • Peter Williams
  • Kate Stewart

zLib example discussion

Discussion on the whether the SPDX Doc is necessary. Led to a discussion on having the SPDX Doc contain multiple packages which led to a discussion whether we were constraining the model to a flat model. Decided to table the discussion for version 2.

Discussion on the file being associated to a package - Section 5.5 - need to have a property to associate the file with the package. Needed to have the RDF parse properly and to have the graph represent the file relationships properly

Discussion on non-standard licenses - should it be within the package or at the SPDX Doc level.

Three possibilities - "describes license" creates a separate license resource not associated with the SPDX doc or package; a property of the SPDX doc; property of the package

Discussed the pro's and cons of different approaches. Technically, all three approaches are similar in that the non-standard license will only be valid within the specific SPDX doc (and there is only one package per SPDX doc). Several people felt that the non-standard license should be associated with the analysis - perhaps leading to it being associated with the SPDX doc.

Actions

  • Gary to writeup a proposal for hasFile belonging to a package (section 5.5)
  • Peter to write up the alternatives for the non-standard licenses
  • Kate to write up a proposal for field to be added for the validation of entire package