|
Re: Thursday SPDX General Meeting Reminder - joining forces with 3T SBOM
J Lovejoy
Hi all,
toggle quoted message
Show quoted text
This message from Santiago bounced, which is a good reminder for all newcomers that you will want to join the spdx-general mailing list, and probably the spdx-tech mailing list (for tech team discussions). See https://spdx.dev/participate/ for more info on the different mailing lists, how to sign up, etc. Thanks! Jilayne SPDX legal co-lead
|
|
|
|
|
|
Re: Thursday SPDX General Meeting Reminder - joining forces with 3T SBOM
Santiago Torres Arias
Exciting indeed!
toggle quoted message
Show quoted text
Looking forward to this! -Santiago On Tue, Feb 02, 2021 at 07:40:08PM +0000, Phil Odence wrote:
An exciting development! |
|
|
|
|
|
Thursday SPDX General Meeting Reminder - joining forces with 3T SBOM
Phil Odence
An exciting development!
As you may know, there have been a handful of groups working on standardizing SBOMs. Kate and Gary have been working closely with the 3T SBOM group for some time. Our missions are sufficiently aligned that we will be joining forces to evolve SPDX. Those folks will be attending various SPDX meetings including the General meeting.
In Thursday’s General meeting, Kay Williams and Bob Martin will provide some background on 3T SBOM and their perspective on joining forces. We will also add reports from the teams developing the various profiles to our regular agenda. The 3T folks have been working on and will report on the Integrity and Defects profiles.
GENERAL MEETING
Meeting Time: Thurs, Feb 4, 8am PT / 10 am CT / 11am ET / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval
3T SBOM Intro - Kay/Bob
Technical Team Report – Kate/Gary/Others
Legal Team Report – Jilayne/Paul/Steve
Outreach/Website Team Report – Jack
|
|
|
|
|
|
Re: [spdx-tech] [spdx] Usage profile for SPDX3.0 - proposal from OpenChain Japan WG -
Takahashi, Kentaro <kentaro_takahashi@...>
Thank you for your kind support Kate-san !
toggle quoted message
Show quoted text
Best regards, Kentaro Takahashi -----Original Message----- |
|
|
|
|
|
Usage profile for SPDX3.0 - proposal from OpenChain Japan WG -
Kate Stewart
Thanks for sending this Takahashi-san. I'm forwarding this email for discussion on the spdx-tech mailing list where the usage profile will be discussed. spdx-tech is where we are discussing the profiles. spdx-general is low volume, and more for announcements. Will follow up on the spdx-tech mail list. Thanks, Kate ---------- Forwarded message --------- From: Takahashi, Kentaro <kentaro_takahashi@...> Date: Tue, Jan 19, 2021 at 8:57 AM Subject: [spdx] Usage profile for SPDX3.0 - proposal from OpenChain Japan WG - To: spdx@... <spdx@...> Dear members, We are in the license information exchange sub group under OpenChain Japan WG, and would like to propose usage profile for SPDX3.0 on this mailing list based on Kate's suggestion as follows: How can we describe "Reference to Local/Contract Documents" with External Document Ref Tag? (1) Proposal of usage profile: including OSS policy and/or contract information on the SPDX (at chain basis) As each company would have own OSS policy, OSS related inconsistency may be arisen at each deal(each supply chain). Generally, this kind of policy would be defined in the closed / local document such as policy, agreement, contract, and/or SPEC under each chain, and as such, it would not be applicable for SPDX2.2 for the moment. However, for the purpose of clear data exchange at supply chain basis and of whole data exchange management, we would like to include OSS policy and/or contract information on the SPDX3.0 at chain basis. (2)How can we do? For example, restricted OSS license may be identified in the OSS policy. Also, such OSS license may be approved only for prototype. Accordingly, we are focused on "External Document References", "UsageInfo", "ValidUntil" to describe such information exchange with the following (A)-(D): (A)In order to refer to the machine readable "Agreement" in relation to product development between company A and company B.: ExternalDocumentRef: DocumentRef-Agreement_Btw_A_B file://anyware_but_not_disclosed_to_open/Agreement_Btw_A_B.txt Checksum_for_for_Agreement_Btw_A_B Or ExternalDocumentRef: DocumentRef-Agreement_Btw_A_B "Specific ID, Effective As Of or any other common identifier between supplier A and consumer B" Checksum_for_Agreement_Btw_A_B (B)In order to describe UsageInfo for product defined in the Agreement between A and B: DocumentRef-ThisSPDXID: SPDXID PREREQUISITE_FOR TargetProductInfo-ThisSPDXID TargetProductInfo: TargetProductinfo-ThisSPDXID "Product Name which worte in Agreement_Btw_A_B" (C)In order to pick up UsageInfo description about package "X" from the Agreement between A and B: Package Description about "X"..... UsageInfo:<text> "Only for Verification but not for Final Product" </text> (Picked up from "Agreement_Btw_A_B"). (D)In order to define Expiration of This SPDX Document on Product Development: ValidUntil: <text>"Next Scheduled Delivery of SPDX Doc"</text> We are looking forward to receive any feedback from others on this matter. Thank you in advance! Best regards, Kentaro Takahashi Intellectual Property Div. TOYOTA MOTOR CORPORATION Attention: The information contained in this email may be attorney/client privileged and confidential information intended only for the use of the recipient(s) named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender by reply e-mail and destroy all copies of this e-mail message. Thank you. |
|
|
|
|
|
Usage profile for SPDX3.0 - proposal from OpenChain Japan WG -
Takahashi, Kentaro <kentaro_takahashi@...>
Dear members,
We are in the license information exchange sub group under OpenChain Japan WG, and would like to propose usage profile for SPDX3.0 on this mailing list based on Kate's suggestion as follows: How can we describe "Reference to Local/Contract Documents" with External Document Ref Tag? (1) Proposal of usage profile: including OSS policy and/or contract information on the SPDX (at chain basis) As each company would have own OSS policy, OSS related inconsistency may be arisen at each deal(each supply chain). Generally, this kind of policy would be defined in the closed / local document such as policy, agreement, contract, and/or SPEC under each chain, and as such, it would not be applicable for SPDX2.2 for the moment. However, for the purpose of clear data exchange at supply chain basis and of whole data exchange management, we would like to include OSS policy and/or contract information on the SPDX3.0 at chain basis. (2)How can we do? For example, restricted OSS license may be identified in the OSS policy. Also, such OSS license may be approved only for prototype. Accordingly, we are focused on "External Document References", "UsageInfo", "ValidUntil" to describe such information exchange with the following (A)-(D): (A)In order to refer to the machine readable "Agreement" in relation to product development between company A and company B.: ExternalDocumentRef: DocumentRef-Agreement_Btw_A_B file://anyware_but_not_disclosed_to_open/Agreement_Btw_A_B.txt Checksum_for_for_Agreement_Btw_A_B Or ExternalDocumentRef: DocumentRef-Agreement_Btw_A_B "Specific ID, Effective As Of or any other common identifier between supplier A and consumer B" Checksum_for_Agreement_Btw_A_B (B)In order to describe UsageInfo for product defined in the Agreement between A and B: DocumentRef-ThisSPDXID: SPDXID PREREQUISITE_FOR TargetProductInfo-ThisSPDXID TargetProductInfo: TargetProductinfo-ThisSPDXID "Product Name which worte in Agreement_Btw_A_B" (C)In order to pick up UsageInfo description about package "X" from the Agreement between A and B: Package Description about "X"..... UsageInfo:<text> "Only for Verification but not for Final Product" </text> (Picked up from "Agreement_Btw_A_B"). (D)In order to define Expiration of This SPDX Document on Product Development: ValidUntil: <text>"Next Scheduled Delivery of SPDX Doc"</text> We are looking forward to receive any feedback from others on this matter. Thank you in advance! Best regards, Kentaro Takahashi Intellectual Property Div. TOYOTA MOTOR CORPORATION Attention: The information contained in this email may be attorney/client privileged and confidential information intended only for the use of the recipient(s) named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender by reply e-mail and destroy all copies of this e-mail message. Thank you. |
|
|
|
|
|
Re: Referencing external spdx documents with package information from project.spdx.yml
Gary O'Neall
Moving this from spdx general list to spdx-tech list.
Greetings Stephanie,
If you are referring to an external SPDX document, you will want to use the ExternalSpdxDocument rather than ExternalRef.
The serialization format for the ExternalSpdxDocument varies quite a bit between the different file formats.
For YAML, the top level document will have a field externalDocumentRefs which lists all documents which are referenced. For example:
… externalDocumentRefs: - externalDocumentId: "DocumentRef-spdx-tool-1.2" checksum: algorithm: "SHA1" checksumValue: "d6a770ba38583ed4bb4525bd96e50461655d2759" spdxDocument: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301" …
When there an element in the external document referenced, the syntax is externalDocumentId:SPDXRef-XXX where the SPDXRef-XXX is the SPDX reference in the external document.
For example: … relationships: - spdxElementId: "SPDXRef-DOCUMENT" relatedSpdxElement: "DocumentRef-spdx-tool-1.2:SPDXRef-ToolsElement" relationshipType: "COPY_OF" …
This is a similar approach to how the Tag/Value fields are parsed.
Note that this is an area of active discussion for the 3.0 Spec. We all are finding the ExternalDocumentRef’s confusing and we will be renaming the fields at a minimum. There is also some discussion on changing the model related to external document ref’s. We will probably be discussing this on upcoming SPDX tech calls. It has been proposed that we reintroduce the ExternalSpdxElement in the model for 3.0.
The SPDX YAML example includes an external document reference.
Best regards,
From: spdx@... <spdx@...> On Behalf Of Neubauer Stephanie (IOC/PDL4) via lists.spdx.org
Sent: Wednesday, January 13, 2021 4:40 AM To: spdx@... Cc: Schuberth Sebastian (IOC/PDL1) <Sebastian.Schuberth@...> Subject: [spdx] Referencing external spdx documents with package information from project.spdx.yml
Hello J
I am currently working on an issue in the Oss-Review-Toolkit [1] to support referring to external SPDX files from a `project.spdx.yml` [2].
I am currently checking out the spdx-specs [3] and the spdx schema [4] to create a working example of an ´project.spdx.yml` which has a package referencing an external SPDX document for its metadata. In the example file provided in [5] I could not find a reference of that sort. I have tried using `externalRefs` parameter of a package in the spdx document, but didn’t achieve actually referencing an external spdx document. In the last paragraph of the spdx/tools repository [6] I have found a mention of “ExternalSpdxElement” that is not in the 2.0 model anymore. Has this been replaced in some way?
I wondered if there was an actual example in one of the documentations or repositories that shows: A project.spdx.yml listing a package and in that package metadata refer to additional metadata in the form of a package.spdx.yml (or something similar)
Here is a slightly changed project.spdx.yml (originally from [7]) that shows how I would imagine the mechanisms working: SPDXID: "SPDXRef-DOCUMENT" spdxVersion: "SPDX-2.2" creationInfo: created: "2020-07-23T18:30:22Z" creators: - "Organization: Example Inc." - "Person: Thomas Steenbergen" licenseListVersion: "3.9" name: "xyz-0.1.0" dataLicense: "CC0-1.0" documentNamespace: "http://spdx.org/spdxdocs/spdx-document-xyz" documentDescribes: - "SPDXRef-Package-xyz" packages: - SPDXID: "SPDXRef-Package-xyz" description: "Awesome product created by Example Inc." copyrightText: "Copyright (C) 2020 Example Inc." downloadLocation: "git+ssh://gitlab.example.com:3389/products/xyz.git@b2c358080011af6a366d2512a25a379fbe7b1f78" filesAnalyzed: false homepage: "https://example.com/products/xyz" licenseConcluded: "NOASSERTION" licenseDeclared: "Apache-2.0 AND curl AND LicenseRef-Proprietary-ExampleInc" name: "xyz" versionInfo: "0.1.0" - SPDXID: "SPDXRef-Package-curl" externalRefs: referenceCategory: "OTHER" referenceLocator: "curl:7.70.0" (or similar way of giving an identifier) referenceType: https://github.com/oss-review-toolkit/ort/blob/master/analyzer/src/funTest/assets/projects/synthetic/spdx/package/libs/curl/package.spdx.yml (alternatively a relative path to the same file locally could be given here) OR: - SPDXID: "SPDXRef-Package-curl" externalSpdxDocument: documentUri: https://github.com/oss-review-toolkit/ort/blob/master/analyzer/src/funTest/assets/projects/synthetic/spdx/package/libs/curl/package.spdx.yml (alternatively a relative path to the same file locally could be given here) id: SPDXDocumentRef-curl relationships: - spdxElementId: "SPDXRef-Package-xyz" relatedSpdxElement: "SPDXRef-Package-curl" relationshipType: "DEPENDS_ON"
[1] https://github.com/oss-review-toolkit/ort [2] https://github.com/oss-review-toolkit/ort/issues/3402 [3] https://spdx.github.io/spdx-spec/3-package-information/#321-external-reference [4] https://github.com/spdx/spdx-spec/blob/development/v2.2.1/schemas/spdx-schema.json [5] https://github.com/spdx/spdx-spec/blob/development/v2.2.1/examples/SPDXYAMLExample-2.2.spdx.yaml [6] https://github.com/spdx/tools#upgrading-to-spdx-20
Mit freundlichen Grüßen / Best regards |
|
|
|
|
|
Re: "X.org Preferred License"
Hi Alan,
toggle quoted message
Show quoted text
Your Firefox extension works really well. Thanks for this great tool! Best, Till Am 14.01.21 um 22:26 schrieb Alan Tse: Hi Mark, |
|
|
|
|
|
Re: "X.org Preferred License"
I'm glad this topic came up, because I hadn't heard of spdx-license-diff before, and now I have it installed. That's a pretty good start to a Friday!
Thanks, Alan!
steve
From: spdx@... <spdx@...>
On Behalf Of Alan Tse
Sent: 14 January 2021 21:26 To: spdx@... Cc: Kate Stewart <kstewart@...>; Atwood, Mark <atwoodm@...> Subject: Re: [spdx] "X.org Preferred License"
Hi Mark, I’m also not sure of which SPDX tool you were using but I checked with the browser extension spdx-license-diff and I get a template match to MIT since the extra part is optional as described by Steve.
Of course if you do use the browser extension and you see missing template matches with it (which I find occasionally), I’ll fix it if you report it.
Alan
From:
<spdx@...> on behalf of Steve Winslow <swinslow@...>
CAUTION: This email originated from outside of Western Digital. Do not click on links or open attachments unless you recognize the sender and know that the content is safe.
Hi Mark,
The MIT license template on the license list [1] has the language "(including the next paragraph)" as optional text, which is why that part shows up in blue italics on the list [2].
I think that's what you're referring to, but let me know if I'm missing something.
Best, Steve
On Thu, Jan 14, 2021 at 3:19 PM Mark Atwood via lists.spdx.org <atwoodm=amazon.com@...> wrote:
Steve Winslow |
|
|
|
|
|
Re: "X.org Preferred License"
Thanks, and I see it’s already done. Now I need to see why my tool isn’t matching it.
..m
From: Steve Winslow <swinslow@...>
Sent: Thursday, January 14, 2021 12:47 PM To: spdx@... Cc: Kate Stewart <kstewart@...>; Atwood, Mark <atwoodm@...> Subject: RE: [EXTERNAL] [spdx] "X.org Preferred License"
Hi Mark,
The MIT license template on the license list [1] has the language "(including the next paragraph)" as optional text, which is why that part shows up in blue italics on the list [2].
I think that's what you're referring to, but let me know if I'm missing something.
Best, Steve
On Thu, Jan 14, 2021 at 3:19 PM Mark Atwood via lists.spdx.org <atwoodm=amazon.com@...> wrote:
Steve Winslow |
|
|
|
|
|
Re: "X.org Preferred License"
Alan Tse
Hi Mark, I’m also not sure of which SPDX tool you were using but I checked with the browser extension spdx-license-diff and I get a template match to MIT since the extra part is optional as described by Steve.
Of course if you do use the browser extension and you see missing template matches with it (which I find occasionally), I’ll fix it if you report it.
Alan
From: <spdx@...> on behalf of Steve Winslow <swinslow@...>
CAUTION: This email originated from outside of Western Digital. Do not click on links or open attachments unless you recognize the sender and know that the content is safe.
Hi Mark,
The MIT license template on the license list [1] has the language "(including the next paragraph)" as optional text, which is why that part shows up in blue italics on the list [2].
I think that's what you're referring to, but let me know if I'm missing something.
Best, Steve
On Thu, Jan 14, 2021 at 3:19 PM Mark Atwood via
lists.spdx.org <atwoodm=amazon.com@...> wrote:
Steve Winslow |
|
|
|
|
|
Re: "X.org Preferred License"
Steve Winslow
Hi Mark, The MIT license template on the license list [1] has the language "(including the next paragraph)" as optional text, which is why that part shows up in blue italics on the list [2]. I think that's what you're referring to, but let me know if I'm missing something. Best, Steve The "X.org Preferred License" documented at [ |
|
|
|
|
|
"X.org Preferred License"
The "X.org Preferred License" documented at [
https://www.x.org/archive/current/doc/xorg-docs/License.html ] is the MIT license with the additional text in the middle "(including the next paragraph)". Our SPDX license matching tool is not locking onto it with 100%, but instead is showing it nearest edit distance to MIT. I've not yet dug in deeper, but, Is the X.org variant in the SPDX database? If not should we add it as an new license, or as matching rule variant to MIT? If its not in the database, I will start the legwork and paperwork to add it. ..m Mark Atwood <atwoodm@...> Principal, Open Source +1-206-604-2198 |
|
|
|
|
|
Referencing external spdx documents with package information from project.spdx.yml
stephanie.neubauer@...
Hello J
I am currently working on an issue in the Oss-Review-Toolkit [1] to support referring to external SPDX files from a `project.spdx.yml` [2].
I am currently checking out the spdx-specs [3] and the spdx schema [4] to create a working example of an ´project.spdx.yml` which has a package referencing an external SPDX document for its metadata. In the example file provided in [5] I could not find a reference of that sort. I have tried using `externalRefs` parameter of a package in the spdx document, but didn’t achieve actually referencing an external spdx document. In the last paragraph of the spdx/tools repository [6] I have found a mention of “ExternalSpdxElement” that is not in the 2.0 model anymore. Has this been replaced in some way?
I wondered if there was an actual example in one of the documentations or repositories that shows: A project.spdx.yml listing a package and in that package metadata refer to additional metadata in the form of a package.spdx.yml (or something similar)
Here is a slightly changed project.spdx.yml (originally from [7]) that shows how I would imagine the mechanisms working: SPDXID: "SPDXRef-DOCUMENT" spdxVersion: "SPDX-2.2" creationInfo: created: "2020-07-23T18:30:22Z" creators: - "Organization: Example Inc." - "Person: Thomas Steenbergen" licenseListVersion: "3.9" name: "xyz-0.1.0" dataLicense: "CC0-1.0" documentNamespace: "http://spdx.org/spdxdocs/spdx-document-xyz" documentDescribes: - "SPDXRef-Package-xyz" packages: - SPDXID: "SPDXRef-Package-xyz" description: "Awesome product created by Example Inc." copyrightText: "Copyright (C) 2020 Example Inc." downloadLocation: "git+ssh://gitlab.example.com:3389/products/xyz.git@b2c358080011af6a366d2512a25a379fbe7b1f78" filesAnalyzed: false homepage: "https://example.com/products/xyz" licenseConcluded: "NOASSERTION" licenseDeclared: "Apache-2.0 AND curl AND LicenseRef-Proprietary-ExampleInc" name: "xyz" versionInfo: "0.1.0" - SPDXID: "SPDXRef-Package-curl" externalRefs: referenceCategory: "OTHER" referenceLocator: "curl:7.70.0" (or similar way of giving an identifier) referenceType: https://github.com/oss-review-toolkit/ort/blob/master/analyzer/src/funTest/assets/projects/synthetic/spdx/package/libs/curl/package.spdx.yml (alternatively a relative path to the same file locally could be given here) OR: - SPDXID: "SPDXRef-Package-curl" externalSpdxDocument: documentUri: https://github.com/oss-review-toolkit/ort/blob/master/analyzer/src/funTest/assets/projects/synthetic/spdx/package/libs/curl/package.spdx.yml (alternatively a relative path to the same file locally could be given here) id: SPDXDocumentRef-curl relationships: - spdxElementId: "SPDXRef-Package-xyz" relatedSpdxElement: "SPDXRef-Package-curl" relationshipType: "DEPENDS_ON"
[1] https://github.com/oss-review-toolkit/ort [2] https://github.com/oss-review-toolkit/ort/issues/3402 [3] https://spdx.github.io/spdx-spec/3-package-information/#321-external-reference [4] https://github.com/spdx/spdx-spec/blob/development/v2.2.1/schemas/spdx-schema.json [5] https://github.com/spdx/spdx-spec/blob/development/v2.2.1/examples/SPDXYAMLExample-2.2.spdx.yaml [6] https://github.com/spdx/tools#upgrading-to-spdx-20
Mit freundlichen Grüßen / Best regards |
|
|
|
|
|
SPDX General Meeting
Phil Odence
Here’s a new invite for 2021. Please accept the recurring meeting Note there will be no SPDX General Meeting in January. **** New dial in number:
415-881-1586 No PIN needed The weblink for screenshare:
|
|
|
|
|
|
Canceled: SPDX General Meeting
Phil Odence
This is an old meeting. Please ignore.
|
|
|
|
|
|
Ignore meeting cancellation
Phil Odence
I am trying to remove a legacy event from an old calendar. I think you will receive a cancellation of this old meeting. Apologies, just ignore. We are on for a General Meeting next week. Happy New Year, Phil
L. Philip Odence General Manager, Black Duck Audit Business Synopsys Software Integrity Group, Burlington, MA M (781) 258-9502 | phil.odence@... https://www.synopsys.com/audits
|
|
|
|
|
|
SPDX December General Meeting Minutes
Phil Odence
Happy Holidays, All. See you in 2021!
https://wiki.spdx.org/view/General_Meeting/Minutes/2020-12-03
General Meeting/Minutes/2020-12-03< General Meeting | Minutes · Attendance: 11 · Lead by Phil Odence · Minutes of Nov meeting Approved
Contents[hide] · 2 Legal Team Report - Paul/Jilayne/Steve Tech Team Report - Gary[edit]· Spec · Nov, busy month · Mostly working on Base Model · Working on Relationships · Between, for example, files, packages, etc · Exploring verification methods, digital signatures, etc · Supporting Contains · This should clear the way to get more work done on the other profiles · Process work too · Hoping enough is in place after next meeting to remove blockers · Tools · New release of online tools is up · Quite significant · Much new functionality · As such, there will likely be issues · Report in GitHub or emailing Gary · There was a character encoding issues that was quickly resolved · New license list generator has improved the LL · Good work/improvements on Go libraries · THANKS, Rishabh Legal Team Report - Paul/Jilayne/Steve[edit]· Main Nov work 3.11 License release · A little smaller than previous was · 3.12 discussions starting today · Aiming for end of Jan · Dealing with a little backlog of new requests · Could use help, as usual · Documentation/Website · Core team has been overhauling · Updating License List page · Including moving to GitHub Outreach Team Report[edit]· Aveek’s ideas for increasing SPDX Participation · Started discussing last meeting · Rough plan · Approach student communities at different schools · Give assignments to students or onboarding · e.g. Open Printing has a generic, easy, but comprehensive assignment defined · May need different ones for different technologies · Single point of contact to guide students · Perhaps students from previous years · Identify basic issues to assign · Encourage participation in GSOC and LFMP · Encourage previous students to mentor · Organize Virtual Meetups · From student groups in schools · Also has the idea of talking to other projects about benefits · Will start with Open Printing Attendees[edit]· Phil Odence, Black Duck/Synopsys · David Wheeler, Linux Foundation · Rishabh Bhatnagar, St Francis Inst Tech · Aveek Basu, NextMark Printers · Steve Winslow, LF · Jilayne Lovejoy, Canonical · Mark Atwood, Amazon · Paul Madick · Mike Dolan, Linux Foundation · Jim Hutchison, Qualcomm · Rose Judge, VMware
|
|
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
GENERAL MEETING
Meeting Time: Thurs, Dec 3, 8am PT / 10 am CT / 11am ET / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval https://wiki.spdx.org/view/General_Meeting/Minutes/2020-11-05
Technical Team Report – Gary
Legal Team Report – Jilayne/Paul/Steve
Outreach Team Report – Jack
Any Cross Functional Issues –All
|
|
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
Sorry for the late notice.
Today we will have the standard agenda plus a walkthrough of the state of the 3.0 spec.
GENERAL MEETING
Meeting Time: Thurs, Nov 5, 8am PT / 10 am CT / 11am ET / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval
Spec 3.0 walk through
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul/Steve
Outreach Team Report – Jack
Any Cross Functional Issues –All
|
|
|
|
