THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Technical Team/Minutes/2014-03-25

From SPDX Wiki
Jump to: navigation, search

Linux Collab Summit March 25-29, 2014

Meeting Summary

The technical team had a face to face meeting at the Linux Collaboration Summit on March 25, 2014 followed up by several other face to face sessions during the summit. The detailed notes from the meeting is available on Google Docs Overall, it was a very successful meeting reached tentative decisions for almost all of the big items identified for 2.0:

  • Walked through the relationship model and validated it.
  • Resolved a number of compatibilities issues between SPDX 1.2 and SPDX 2.0. A spreadsheet with the results is available on Google Docs
  • tag/value format approach discussed to match up with Proposed Model for 2.0. The proposal for naming SPDX elements can be found on Google Docs
  • Generally agreed to (pending writeup) a proposal to include references to external projects including their detailed package information (e.g. adding properties of ArtifactOf)
  • Decided to defer the signing of SPDX documents until next release, and address currently through a best practice document for SPDX 2.0. See bug 1189 for details on the proposal.
  • Tentatively decided to keep annotations pretty simple for now and keep the Review as a separate class.
  • Participated in the license expression discussion led by the legal team and have started modeling the impact to the SPDX 2.0 model.
  • Agreed on an approach to verificationCode which should work for more than just packages.

- Agreed on an approach on subdirectories which contained subpackages - Consider them as packages. See bug 1190 for the discussion - Discussed the "meta tagging" proposal and added some more specifics such that it could be included in the SPDX 2.0 spec. Details at the Meta Tagging wiki page.

Still some work to be done:

  • Need to review the relationship and usage cases using the spreadsheet which maps the use cases to relationship and usage types
  • Several bugs have been added to track some of the remaining issues identified
  • Validate that the verification code really will work in practice
  • Decide if/how to incorporate the meta tagging in the spec
  • Decide if/how to incorporate the language expression language proposed by the legal team in the spec