THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Technical Team/Minutes/2020-04-21
From SPDX Wiki
< Technical Team | Minutes
April 21, 2020
Attendees
- David Kemp
- Alexios Zavras
- Nisha Kumar
- Steve Winslow
- Kate Stewart
- Rex Jaeschke
- Jack Manbeck
- William Bartholomew
- Gary O’Neall
- Rose Judge
- Thomas Steenbergen
- Takashi Ninjouji
Container SPDX
- Nisha requested a discussion on some of the issues when generating SPDX documents for containers
- Discussion schedule for the 6 May tech call
SPDX 2.2
- Issues reviewed and updated
SPDX 2.2.1
- Rex discussed restructuring the document for ISO conformance
- Issue with numbering – will need to be renumbered to conform to ISO Standards
- Converting to word would automatically renumber
- Proposal to keep a permanent number in parallel with the section numbers
- Non-English documentation refers to numbers
- Other documentation refers to number (including code comments)
- Can create an informative annex mapping old section numbers to the new
- Issue with hanging paragraphs at the beginning of the sections – not allowed, will need to move to one of
- Conformance section – things such as cardinality
- Introductory section at the beginning of the document
- General or introductory subsection
3.0 Security Section
- Thomas provided an overview presentation at https://docs.google.com/document/d/1GyUMEcv4G8ZUGbXB8T_-pkDFxYUAbP0W0Tuts2cpZiw/edit?ts=5e9de64a
- Combination of several standards including CycloneDX, IonChannel, NVD, CVE, etc.
- Nisha will ask for a review from some of the security specialists she works with
- Future, we’ll bring in others for review – Thomas will guide the timing as the document matures
- Moving the document from Google Docs to MD