THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Technical Team/Minutes/2019-01-08
From SPDX Wiki
< Technical Team | Minutes
January 8, 2019
Attendees
- Kate Stewart
- Gary O'Neall
- Thomas Steenbergen
- Steve Winslow
- Mathew Crawford
- James Neushul
- Alexios Zavras
Updates
- Kate and Thomas has been updating the SPEC git repo
- Question on branch strategy and where we should commit the changes
- Master branch is for 2.1.1 current release
- Development branch for 2.2
- Development branch for 3.0
- Thomas will update github to produce github.io pages for the current release as well as the development branches
Documentation for SPDX including SEVA
- Agreed to create a proposal or draft for the SEVA vulnerability
- Create a separate repo for the XML – e.g. github.com/spdx/spec-xml
- For now, we will just add a section to the 2.2 spec and clearly define that it is a draft
- Separate out only vulnerability information into its own repo
- Plan:
- Separate out vulnerability information into its own document for review by NIST – section 7
- will work off a Google doc. Copy section 7 from: https://docs.google.com/document/d/1KcKPfR0_14KL_qC20U1o7Hrdxz2dHOKWDIB2gsFPvgk/edit#
- Have NIST review the fields and comment
- Create a github issue – Kate will add
- After feedback, move to a proposal section
- Separate out vulnerability information into its own document for review by NIST – section 7
Next Week
- Thomas will lead a discussion on contributing to the SPDX spec github repo
