|
SPDX Sept General Meeting Minutes
Phil Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-10-04
General Meeting/Minutes/2018-10-04< General Meeting | Minutes · Attendance: 8 · Lead by Phil Odence · Minutes of Sept meeting approved
Contents[hide] · 1 Tech Team Report - Kate/Gary · 2 Legal Team Report - Jilayne · 3 Outreach Team Report - Jack Tech Team Report - Kate/Gary[edit]· Spec · Focus on multiple formats · How do deal with XML, JSON, YAML · Proposal to link to software heritage identifies · SW heritage- presentation came out recently on how code should be ID’ed in repos · Seems to make sense to extend references to point to · General agreement on last tech call · Tooling · Got integrated on line tools up · License submittal · XML editor · Beta quality, ready to go. http://spdxtools.sourceauditor.com · GSOC has worked very well · Should thank Google · Post on Website · Could use some social media · Topic for Outreach · May want to point projects to FSF software reuse site which advocates SPDX · Would be a good credibility builder · The link is on the site, but not easy to find · Other Groups · NTIA- Government group defining a BoM standard · Prototype work in health care · Fingers crossed that they will use SPDX · SWID · Active discussion · Mapping fields between SPDX an SW · Other groups may be able to use our use cases · They are wrestling with what is a components · Also, how a company can keep their own supplementary license list · Can do via a SPDX doc that is just licenses and make external reference to · Steve W will help out Legal Team Report - Jilayne[edit]· New license backlog · Trying to clear out for next release · Looking forward to new tooling · Could use testing help · Need some Python help on the tools · Mostly fixing up formatting stuff Outreach Team Report - Jack[edit]· Little activity · Regrouping
Attendees[edit]· Phil Odence, Black Duck/Synopsys · Kate Stewart, Linux Foundation · Gary O’Neall, SourceAuditor · Matthew Crawford, ARM · Jilayne Lovejoy, ARM · Jack Manbeck, TI · Steve Winslow, LF · Mark Atwood, Amazon
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
No guest presentation this month, so anticipate a shorter meeting.
(I’m open to ideas for guest presentations.)
GENERAL MEETING
Meeting Time: Thurs, Oct 4, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-09-06
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Any Cross Functional Issues –All
L. Philip Odence
|
|
|
|
Re: Thursday SPDX General Meeting Reminder
On 4 Sep 2018 10:45 p.m., "Phil Odence" <phil.odence@...> wrote:
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
This month’s guest speaker is Mark Gisi. Many of you know Mark from his big contributions over the years to SPDX and OpenChaiun. He has a really interesting topic to share. I’m disappointed that I have a conflict. One of the other SPDX Core Team Members will host. Phil Odence
Abstract ----------- The union of SPDX data and a blockchain ledger is a match made in heaven. This union enables us to provide both *accountability* and *access* to SPDX data for manufactured products that are comprised on software components contributed by dozens of suppliers. We will present a use case of how we track SPDX data (along with source code and notices) across the manufacturing supply chain of a device running the Zephyr operating system runtime. Bio ---- Mark Gisi, Directory of Intellectual Property and Open Source at Wind River Systems, has been managing Open Source policies and programs for the past 12 years. Mark contributes to the Linux Foundation’s SPDX project, OpenChain Project and the Hyperledger Project’s SParts (Software Parts) lab initiative. Mark holds a MS degree in Computer Science and a BS degree in Mathematics.
GENERAL MEETING
Meeting Time: Thurs, Sept 6, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-08-02
Guest Presentation – Mark
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Any Cross Functional Issues –All
|
|
|
|
Re: OpenChain @ Open Source Summit 2018 (Vancouver) on August 28th
Shane Coughlan <coughlan@...>
Dear all
toggle quoted messageShow quoted text
This is the final schedule for the OpenChain workshop at Open Source Summit North America today: 13:00 - Welcome and Status Update 13:10 - Work Team - Conformance 13:30 - Adjacent Project Status Overviews - SPDX - FOSSology - Clearly Defined 14:00 - Networking Break 14:30 - Forward Planning - Strategy and Tactics 15:00 - Work Team - Specification 15:50 - Networking Break 16:20 - Work Team - Curriculum 16:40 - Work Team - Onboarding 17:00 - Close Join us between 1:00 – 5:00 pm at Room 205, Vancouver Convention Centre West Regards Shane
On Aug 27, 2018, at 3:10, Shane Coughlan <coughlan@...> wrote:
|
|
|
|
OpenChain @ Open Source Summit 2018 (Vancouver) on August 28th
Shane Coughlan <coughlan@...>
Dear all
This is a reminder that there will be an OpenChain workshop at Open Source Summit North America this week. We are coordinating with our friends at the SPDX Project, who also have a workshop on the 28th, to ensure people can attend key parts of both. Here are our details: OpenChain Mini Summit Date: Tuesday, August 28 Time: 1:00 – 5:00 pm Location: Room 205, Vancouver Convention Centre West Registration Costs: Complimentary Here is our schedule: 13:00 - Welcome and Status Update 13:10 - Work Team - Conformance 13:30 - Forward Planning - Strategy and Tactics 14:00 - Networking Break 14:30 - Adjacent Project Status Overviews - SPDX - FOSSology - Clearly Defined 15:00 - Work Team - Specification 15:50 - Networking Break 16:20 - Work Team - Curriculum 16:40 - Work Team - Onboarding 17:00 - Close Public announcement here: https://www.openchainproject.org/news/2018/08/17/openchain-workshop-open-source-summit-north-america There will be an informal OpenChain social gathering at 6pm in the Mosaic Grill in the Hyatt Regency at 6pm. Spaces are limited to 20 people. We only have a couple of spots (literally) left so RSVP is strongly advised. I look forward to seeing you in Vancouver! Regards Shane -- Shane Coughlan General Manager, OpenChain e: coughlan@... p: +81 (0) 80 4035 8083 w: www.openchainproject.org Professional profile: http://www.linkedin.com/in/shanecoughlan Get my free book on open source compliance here: https://www.linuxfoundation.org/news-media/research/practical-gpl-compliance
|
|
|
|
August SPDX General Meeting Minutes
Phil Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-08-02
General Meeting/Minutes/2018-08-02< General Meeting | Minutes · Attendance: 12 · Lead by Phil Odence · Minutes of July meeting approved Contents[hide] · 1 Guest Presentation, - Supporting Continuous Integration, Ndip Tanyi · 2 Tech Team Report - Kate/Gary · 3 Legal Team Report - Jilayne/Paul · 4 Outreach Team Report - Jack Guest Presentation, - Supporting Continuous Integration, Ndip Tanyi[edit]· Idea- Automatically generating SPDX docs as part of CI process · Scope · Focused on Travis CI, NPM and Python · Demo · Add an install and SPDX build script to build script · And some statements to push the SPDX docs to the repo · Future extensions · Pushing to GItHub as a commit · Other CI systems · Has been designed generically enough to be extensible to other languages and environments
Tech Team Report - Kate/Gary[edit]· Tooling · Mostly GSoC work · License XML Editor · Gary posting new version today http://spdxtools.sourceauditor.com · If you want to test, make it clear that these are tests, to make clear in the pull requests · Spec work · Working for consistency in external identifiers · Interest coming up from security community · SWID · NTIA conference that featured SPDX · Working in interop and SPDX standardization · Looking at spinning up a security subgroup · Interest from US House and Senate in a SW BoM and SPDX is on the docket · NIST and other organizations are involved in the background
Legal Team Report - Jilayne/Paul[edit]· 3.2 is out · Some clean up of old issues in process · Request to that legal folks try out Tushar’s tool · Exceptions · The term is imperfect as it handles some items that are not “exceptions” per se · Patent grants, for example · Considering changing the term to be more neutral and inclusive · “Modifiers” maybe? · Will send an email to a wide audience get people thinking about it and set up a special meeting
Outreach Team Report - Jack[edit]· Website · Making more sense of the License List and Documents section · Shane Coughlin, from Open Chain, is getting involved · Outreach to companies · New time for Outreach calls is 7pm EDT · (Shane is in Japan) · OSS Summit · Backoff on the Tuesday · And a session on Consuming SPDX
Attendees[edit]· Phil Odence, Black Duck/Synopsys · Ndip Tanyi, Alberta University · Tushar Mittal, GSoC Student · Gary O’Neall, SourceAuditor · Yash Nisar, GSoC Student · Jack Manbeck, TI · Steve Winslow, LF · Jilayne Lovejoy, ARM · Paul Madick, Dimension Data · Mike Dolan, Linux Foundation · Matije Suklje, Liferay · Mark Atwood, Amazon
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
This month’s guest speaker is one of our Google Summer of Code Students, Ndip Tanyi. Originally from Cameroon where he did his undergraduate. He is currently enrolled in a masters degree in computer science at Alberta University. He is passionate about computer code and innovation as a whole.
Ndip will be speaking about his project, a build tool for SPDX file generation. The idea is to create plug-ins to support generating valid SPDX docs in continuous integration environments.
GENERAL MEETING
Meeting Time: Thurs, Aug, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-07-11
Guest Presentation – Ndip
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Cross Functional Issues –All
|
|
|
|
SPDX July General Meeting Minutes
Phil Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-07-11
General Meeting/Minutes/2018-07-11< General Meeting | Minutes · Attendance: 10 · Lead by Phil Odence · Minutes of June meeting approved Contents[hide] · 1 Guest Presentation, Online XML Editor- Tushar Mittal · 3 Outreach Team Report - SteveW · 4 Legal Team Report - Jilayne Guest Presentation, Online XML Editor- Tushar Mittal[edit]· XML Editor for Editing Licenses · For contributors to License List · Demo · User can · upload flies, or · Specify one of the current licenses · Options · Text, Tree, Split View Editor · Text · Editor guides to sticking with SPDX license schema · Beautify cleans up XML nicely · Tree Editor · Operates on the same file · Easy way to modify attributes · Legal team is very enthusiastic about the tool · It will make their lives much easier.
Tech Team Report - Gary[edit]· GSoC · Good progress across the board · Tushar obviously has done some great work · Additionally upgrading Python libraries and work on build tools · Most calls focused on 2.2 list of potential enhancements and issues · Progress a little slow due to vacations · LinuxCon NA, Vancouver · There will be some tools work going on · Anyone interested should contact Gary or email the list
Outreach Team Report - SteveW[edit]· SPDX short form IDs has gone live · Includes guidelines for developers who want to add IDs to their files Legal Team Report - Jilayne[edit]· V3.2 of License List just released · Will be updating General Mailing list including stats on new licenses · Continuing to monitor pull requests · Today’s meeting will recap old/stale Attendees[edit]· Phil Odence, Black Duck/Synopsys · Tushar Mittal, GSoC Student · Gary O’Neall, SourceAuditor · Yash Nisar, GSoC Student · Dave Marr, Qualcomm · Steve Winslow, LF · Matthew Crawford, ARM · Mark Atwood, Amazon · Jilayne Lovejoy, ARM · Bradlee Edmondson, Harvard
|
|
|
|
Software Component Transparency - remote participation for July 19 meeting
John Scott
Fyi
On July 10, 2018 at 4:12:18 PM, John Scott (john.scott@...) wrote:
|
|
|
|
Reminder: Next SPDX General Meeting and Special Guest July 12
Phil Odence
Hello All,
A reminder that we are pushing this month’s meeting out a week due to the US Holiday on Wednesday.
Joining us on the 12th will be one of our Google Summer of Code students, Tushar Mittal. Here’s what he’ll be presenting:
[GSoC Project Overview] Online XML Editor In this presentation, we'll talk about the work done on the XML editor project. It will include talking about the project and then a small presentation on what all features are provided and how to use them. This will help the members to understand the project better and give reviews, which would sum up to make the project more usable and user-friendly.
Tushar Mittal is a Computer Science undergraduate who loves to make things which makes life easier and solve problems. He is an active Open Source contributor and GSoC intern. He has a keen interest in everything related to Machine Learning and Blockchain. His favorite programming language is Python and currently, he mostly works with web development projects.
See you then!
Best, Phil L. Philip Odence
|
|
|
|
SPDX General Meeting 2018 (replacement)
Phil Odence
When: Occurs every month on the first Thursday of the month from 11:00 AM to 12:00 PM effective 8/2/2018 until 2/2/2019. (UTC-05:00) Eastern Time (US & Canada) Where: Bridge info enclosed *~*~*~*~*~*~*~*~*~* Please accept so this recurring meeting is on your calendar, however no need to send a response to me.
New dial in number:
415-881-1586 No PIN needed The weblink for screenshare will stay the same at:
|
|
|
|
July SPDX General Meeting
Phil Odence
When: Thursday, July 12, 2018 11:00 AM-12:00 PM. (UTC-05:00) Eastern Time (US & Canada) Where: Bridge info enclosed *~*~*~*~*~*~*~*~*~* New dial in number:
415-881-1586 No PIN needed The weblink for screenshare will stay the same at:
|
|
|
|
Canceled: SPDX General Meeting 2018
Phil Odence
As per my note to the general distribution list, I am cancelling this invitation and replacing with a new one from my Synopsys account which I will issue shortly. As long as you are
on the spdx@lists list, you will receive.
Note that due to the US Holiday, we will push July’s meeting a week later, so there will actually be two invitations forthcoming. Please accept both.
******* Note that we will be using a different dial in and different URL for future SPDX General Meetings.
Apologies for my having to send a new invitation. For some reason Outlook won’t let me update the original. So, you’ll have to delete the old. I called this one 2018, so there would be no confusion. (I hope)
Please accept so this recurring meeting is on your calendar, however no need to respond.
New dial in number:
415-881-1586 No PIN needed The weblink for screenshare will stay the same at:
|
|
|
|
SPDX June Gen Meeting Minutes - AND IMPORTANT SCHEDULING INFO
Phil Odence
The minutes are below. Thanks to Gary for managing.
IMPORTANT SCHEDULING INFO: Due to the US holiday, we will push the July meeting to July 12. Also, I need to reissue meeting invitations from my Synopsys account. Tomorrow, Tuesday, Boston morning time, I will cancel the exiting recurring meeting; in any case please make sure it is deleted from your calendar to avoid confusion. After cancelling the old, I will issue one invitation for the July 12 meeting and another recurring invitation for first Thursday of every month. Thanks, Phil
L. Philip Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-06-07
General Meeting/Minutes/2018-06-07< General Meeting | Minutes · Attendance: · Lead by Gary O'Neall · Minutes of May meeting approved Contents[hide] · 1 Outreach Team Report - Jack Outreach Team Report - Jack· Mail list migration on June 13th. Changing from spdx-biz to spdx-outreach for mail list name. spdx-general will become parent, all of others will be child. If signed up for any child, automatically parent. This will give us a master mail list. · Jack will be sending an email out on June 11th, apprising all of the mail list change. · Room reserved for SPDX plugfest at OSS for Aug 27th. · No update on the web site change. Agreement not to wake them up, and leave alone for now. Legal Team Report - Paul· Regular meetings in progress, knocking down issues happening in github · Meetings with GSoC students to cover requirements Tech Team Report - Gary· GSoC students all started, 2 working with legal team. · still waiting on spdx 2.1.1 to have proper generated .pdf, no comments back yet on updated version published on web. · spdx-spec issues are all tagged in github · most of focus is 2.2 at this point. Cross team - Gary· looking at getting GSoC student - probably Yash to present at next general call. Attendees· Gary O’Neall, SourceAuditor · Jack Manbeck, TI · Kate Stewart, Linux Foundation · Steve Winslow, LF · Paul Madick, Dimension Data · Jilayne Lovejoy, ARM
|
|
|
|
Re: Conversion to new email system complete
Bjoern Buerger <b.buerger@...>
Hi,
Am Wed, 13 Jun 2018 schrieb Manbeck, Jack via Lists.Spdx.Org: The conversion to the new email system is complete.Unfortunately, something really important is missing: lists.spdx.org mail is handled by 10 lb01.groups.io. lists.spdx.org mail is handled by 10 lb02.groups.io. lb01.groups.io has no AAAA record lb02.groups.io has no AAAA record It is 2018, for heaven's sake. Please add IPv6 Support for incoming and outgoing smtp. Ich just tried to subscribe with an IPv6 connected email account and subscription failed. With kind regards, Bjørn -- Pengutronix e.K. | Bjørn Bürger | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim | Phone: +49-5121-206917-5002 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
|
|
|
|
Conversion to new email system complete
Manbeck, Jack
All,
The conversion to the new email system is complete.
Best regards,
Jack Manbeck
|
|
|
|
Migration to Groups.io Completed
Johnson Nguyen
Greetings SPDX community!
We are writing to let you know that the migration of your mailing list services to Groups.io is complete. Please be sure to visit lists.spdx.org to overview your current lists and settings. If you’d like to learn more about using Groups.io , please reference their help documentation. If you need assistance with Groups.io, please email helpdesk@... for The Linux Foundation’s helpdesk.
|
|
|
|
REMINDER: New mailing list migration for SPDX tomorrow June 13
Manbeck, Jack
All,
Hopefully you have seen the email from the Linux Foundation on the our mailing list migration which will occur tomorrow, June 13th. You can get an overview of the new feature’s here. I have re-printed the email from the LF below which has some specifics about the move, who to contact if you have issues and general information on what Groups.io is.
There should be no impact for the general, technical and legal lists. The business list will change its name to outreach to complete the name change we did earlier. Other than that the migration should be seamless for you.
In addition to the above, whenever anyone signs up for the technical, legal or outreach lists they will be added to the general list (spdx) automatically which will become our main announcement only list (which is how it works today). This means, as part of the migration, if you were not subscribed to the general list you will be. This is a VERY low volume list used only for general announcement’s.
Should you run into any difficulties with the new list after the 13th use the assistance email in the mail below. Should you wish to explore using any of the new integration features of Groups.io please discuss that within the relevant team for which it applies. Also, we may send one test email to each mailing list after the transition which can be deleted by you.
Again, there should be no action required by you as part of this move.
Best regards,
Jack Manbeck
LF email:
<<<<
Greetings SPDX community! The Linux Foundation has connected with a new vendor called Groups.io, which provides mailing list services in a simple but modern interface. Groups.io offers all of the capabilities of our existing Mailman mailing service plus additional community tools that make it an exceptional service solution. We are planning to migrate your existing mailing list archives and user lists to Groups.io on Wednesday June 13th starting at 9:30am PST. The migration will include details on subscriber preferences and owner or moderator privileges. Owners and Moderators: Please be aware pending memberships or posts (and similar pending moderation actions) in Mailman will not be preserved in this migration. We recommend re-checking for any such pending decisions and taking action on them within Mailman one hour prior to the start of the migration window. During the migration window you will still be able to access the archives, however the delivery of messages sent to the mailing lists during this window will be delayed until after the migration of the archives and list members are complete. We will turn off new list signups during the migration window, then this functionality will be restored once it is complete.
FAQs What are the key differences between Mailman and Groups.io? · Groups.io has a modern interface, robust user security model, and interactive, searchable archives · Groups.io provides advanced features including muting threads and integrations with modern tools like GitHub, Slack, and Trello · Groups.io also has optional extras like a shared calendar, polling, chat, a wiki, and more · Groups.io uses a concept of subgroups, where members first join the project “group” (a master list, normally called "main"), then they choose the specific “subgroup” lists they want to subscribe to How do the costs compare? The Linux Foundation can provide project-branded Groups.io accounts to projects for less cost than managing our in-house Mailman systems. How is the experience different for me as a list moderator or participant? In many ways, it is very much the same. You will still find the main group at your existing URL and sub-groups equate to the more focused mailing lists based on the community’s needs. Here is an example of main group and sub-group URL patterns, and their respective emails: https://lists.projectname.org/g/main https://lists.projectname.org/g/devs https://lists.projectname.org/g/ci What is different is Groups.io’s simple but highly functional UI that will make the experience of moderating or participating in the community discussions more enjoyable. Where do I find the settings and owner/moderator tools? If you’d like to learn more about using Groups.io , please reference their help documentation. If you need assistance with Groups.io, please email helpdesk@... for The Linux Foundation’s helpdesk.
Cheers! Brendan OSullivan
Helpdesk Analyst
>>>
|
|
|
|
Re: May SPDX General Meeting Minutes
On četrtek, 03. maj 2018 17:51:26 CEST Phil Odence wrote:
Matije Suklje, LFFlattered, but my affiliation is with Liferay :) Was a very interesting call. I’m miffed that we have some important internal conference call clash directly and 100% every time with the SPDX Legal call. cheers, Matija Šuklje -- gsm: +386 41 849 552 www: http://matija.suklje.name xmpp: matija.suklje@... sip: matija_suklje@...
|
|
|