SPDX Outreach Team report for December General Meeting
Dear all,
Since we didn't have time at the SPDX General Meeting today for the usual team reports, I'm writing to send the Outreach Team's report in textual form! Feel free to reply if you have any questions about the activities of the SPDX Outreach Team, or would like to be involved.

Best wishes,
Sebastian

-----

# Wikipedia article

We've added a version history section to the article at https://wikipedia.org/wiki/Software_Package_Data_Exchange with a version table and explanatory paragraphs (as is the format used in articles for a lot of other open source projects). Plus, the disambiguation link that said 'license documentation standard' now says 'software bill of materials standard'.

Here are a couple of 'perma-links' to the before and after states of the article:

* Before: https://en.wikipedia.org/w/index.php?title=Software_Package_Data_Exchange&oldid=1053739112
* After: https://en.wikipedia.org/w/index.php?title=Software_Package_Data_Exchange&direction=next&oldid=1058145243

# SBOM Landscape page

At the most recent Outreach Team meeting, we discussed various categories and taxonomies that could be used in the SBOM Landscape page we are developing at: https://github.com/spdx/sbom-landscape

We'll be trying to form 'neighbourhoods' of related use-cases such as attestation, automation etc.

The automated tests for the page are still failing, but builds seem to work correctly so we can continue work on it.

We now have Syft, OSS Review Toolkit, REUSE and Tern listed on the SBOM Landscape page, and will be adding more in the coming weeks!

# SPDX Podcast

Joshua Marpet has resolved the audio issues, meaning that we can start recording podcast episodes again. Joshua is working on an episode with the SPDX Asia Team.

# 'SPDX Ambassadors'

Vicky Brasseur suggested that having an ambassadors programme would be a good idea, so we are exploring the possibility of having contact details of SPDX Ambassadors on our main website. This will help newcomers to quickly contact representatives of SPDX.

# Replicant

I have been in correspondence with a steering committee member of the Replicant project. Replicant aims to replace proprietary components in Android, and are looking to improve their source code license scanning. SPDX SBOMs could be useful in reducing unnecessary repetition of audits here.

# FOSSLight

We have had good interaction with the developers of FOSSLight, an open source license scanner from Logitech. Gary O'Neall and I have been proactively examining SPDX-related failures in order to help them with their use of the SPDX Java libraries. FOSSLight is a top priority for addition to the spdx.dev Open Source Tools page, as well as the SBOM Landscape!

-----