THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Technical Team/Minutes/2020-08-11
From SPDX Wiki
< Technical Team | Minutes
August 11, 2020
Attendees
- Kate Stewart
- Thomas Steenbergen
- Steve Winslow
- Jilayne Lovejoy
- Steve Winslow
- Gary O’Neall
- Rose Judge
- Peter Shin
- Brad Goldring
- John Horan
- Rose Judge
- Vicky Brasseur
- William Bartolomew
- Mark Atwood
Topics:
- Licensing profile - consolidation of license fields
Legal Profile
- Initial draft by Steve and Jilayne in Google Docs https://docs.google.com/document/d/1k_2tSlFXvW_SbW-I1DcSEoCNBMQJd4FEFIQr6KCJuyU/edit#
- Note: didn't really update section numbers
- Note: Has not been reviewed by the entire legal team – will review in upcoming legal team meeting
- Normalized naming (e.g. references to Spdx Document rather than Spdx File) - this needs to be done across spec
- Focus on artifact fields - consolidation of license related fields for Package, Files, and Snippets. Not much to change for Document-License List Version field or filed in Other Licensing Info section.
- Discussion on Declared License for Package – metadata
- Thomas raised question on if the Artifact includes the metadata or if it is different
- Discussion on the previous discussions
- Maven POM files was discussed previously and general agreement that the POM license info would be declared but not concluded
- POM file license information was not always accurate
- Different scenarios discussed, general agreement that a binary distribution would be a different artifact from the bundle of source
- Discussion on license information that is not completely in the file (e.g. jQuery which includes a link but not the license notice)
- Some tools will fill in the actual license referred to
- Should we document the examples for Declared and Concluded licenses?
- Valuable information
- More specific would be better, but would make it larger
- Would be nice to have some additional documentation somewhere
- Generally agree to move from the specific fields to the intro for the section
- Discussion on None field for license
- Should the field be renamed NONE_FOUND?
- Concern it would break tools
- General agreement that NONE means someone looked really hard for a license and couldn’t find one at all
- In the case of “No Rights Reserved”, one would create a LicenseRef-
- Should the field be renamed NONE_FOUND?
- Discussion cookbook
- Could create hover over in the spec
- Concern about accessibility
- Could create hover over in the spec
- Replacing references to Disjunctive license with “OR”
- Continue discussion on the Legal team this Thursday
- What is the name of the profile for licensing?
- “Licensing”
- Discussion on associating copyright owner with license
- Thomas has a requirement to associate the license with the copyright owners
- Current SPDX does not have a mechanism to retain the associations
- Could use snippets to retain the association between copyright owners and licenses for specific code