Sept 15, 2015
- Kate Stewart
- Bill Schineller
- Yev Bronshteyn
- Hassib Khanafer
- Matt Germonprez
- Mark Gisi
- Michael Herzog
External Identifiers proposal for discussion: https://docs.google.com/document/d/1RpIFg41LdD6CKcw2FyJw1G5fpaEK6Z-XFM-66JUc8Jo/edit
- title agreed to be “External Identifiers” - drop Packages & Versions (although all agree version information is important to capture, want to have broader reach)>
- general agreement that Appendix approach is way we want to go.
- want to have separate section for “security reference” to make easy to find/marketing purposes.
- software package management systems (Group Artifact Version) and software distributions sections consider to combine to "Package Managers and Code Repositories" for next meeting.
- how handle other external databases?
- space for cross links to other tools (like Open Hub, Proprietary tools)
- github example - where does this fit? (reason for merging package managers & code repositories to one section"
- Criteria for adding to appendix:
- We get agreement from project on data format, if it doesn’t have a formalized version already documented. Like feedback we've just gotten from Debian which needs to be included in next draft.
- Tables in Appendix to be reformatted a bit, so better ties up to text, Bill to work on for next meeting.
- Open Questions:
- Which section does External Identifiers live? likely in Package level (discuss usecase with FIle, and make sure ok to refer to as External Package).
- Will it work for Financial Services Applications examples - looking to build on CPEs with External Packages. BOM with CPEs.
External Packages proposal. https://docs.google.com/document/d/11kjtrzuZVKlbWIjaEq7bbZPA_cT55eLOOxpnnQ_rghU/edit#heading=h.gjdgxs
Next week, revisit external IDs and External Packages - does the use case work. Bill to make changes to External Identifiers proposal prior to meeting.
Reminder please sign up for: Supply chain workshop on October 8 in Dublin. (Stefano and Uday). http://events.linuxfoundation.org/events/linuxcon-europe/extend-the-experience/supply-chain-summit