|
Re: Today SPDX General Meeting Reminder
Paul Madick
Hi Phil,
I have a conflict today so will miss the meeting. I will be on the legal call after.
Best,
Paul
-------- Original message --------
From: Phil Odence <phil.odence@...>
Date: 11/1/18 12:48 AM (GMT-08:00)
To: spdx@...
Subject: [spdx] Today SPDX General Meeting Reminder
No guest presentation this month, so anticipate a shorter meeting.
(I’m open to ideas for guest presentations.)
GENERAL MEETING
Meeting Time: Thurs, Nov 1, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-10-04
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Any Cross Functional Issues –All
L. Philip Odence
itevomcid |
|
|
|
Today SPDX General Meeting Reminder
Phil Odence
No guest presentation this month, so anticipate a shorter meeting.
(I’m open to ideas for guest presentations.)
GENERAL MEETING
Meeting Time: Thurs, Nov 1, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-10-04
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Any Cross Functional Issues –All
L. Philip Odence
|
|
|
|
OpenChain Recap - Week of 22nd October - Open Source Summit Europe
Shane Coughlan <coughlan@...>
It was a huge week last week. Quick recap of the major items below.
tl;dr - Toshiba is a Platinum Member, SUSE is OpenChain Conformant, Sony and Fujitsu shared knowledge We had two slide decks shared via the OpenChain Workshop (see bottom of mail). These boil down to two data points: (1) Fujitsu is actively using SPDX and wants to work with everyone else using this standard for describing information in software packages. (2) Sony has identified that it is important to include Sales/Marketing in the discussions around OpenChain and open source compliance. This builds on prior identification of the importance of making sure Procurement can understand OpenChain. For (1), I am going to hand over to Kate and the team at SPDX to discuss collaboration with Ueba San at Fujitsu. All in CC. For (2), we have a clear understanding that we need to formulate onboarding/introduction material for: (i) Procurement (ii) Sales/Marketing Nathan (chair of onboarding), would it make sense for us to open a couple of Google Docs to collaborate on this? == Big News == Toshiba Joins the OpenChain Project as a Platinum Member: “OpenChain is not just a project for OSS license compliance, it also helps to improve mutual trust and effective communication between open source developers and users,” says Tetsuji Fukaya, Director of the Corporate Software Engineering and Technology Center of Toshiba Corporation. “Open source is publicly recognized as an essential part of digital transformation and widely used in numerous products. In order to use open source appropriately, we think that license compliance alone is not enough. Mutual trust between developers and users is also essential. OpenChain will be key to achieve both. For that reason, we feel proud of being part of the OpenChain Project.” https://www.linuxfoundation.org/press-release/2018/10/toshiba-joins-the-openchain-project-as-a-platinum-member/ SUSE Joins the OpenChain Community of Conformance: “For more than 25 years, SUSE has created and engaged with open source communities as a foundation for its enterprise solutions,” said Thomas Di Giacomo, SUSE CTO. “We always engage with the community to better meet customer needs, and our OpenChain certification is another indication to enterprises that we are committed to making their experience with open source software more reliable and cost effective.” https://www.linuxfoundation.org/press-release/2018/10/suse-joins-the-openchain-community-of-conformance/ == OpenChain Workshop Contributions == Improvements in meta spdxscanner through FOSSology - Ueba San: https://www.slideshare.net/ShaneCoughlan3/improvements-in-meta-spdxscanner-through-fossology-ueba-san Two aspects for OpenChain BoF session - Ueda San: https://www.slideshare.net/ShaneCoughlan3/two-aspects-for-openchain-bof-session-ueda-san Regards Shane -- Shane Coughlan General Manager, OpenChain e: coughlan@... p: +81 (0) 80 4035 8083 w: www.openchainproject.org Professional profile: http://www.linkedin.com/in/shanecoughlan Get my free book on open source compliance here: https://www.linuxfoundation.org/news-media/research/practical-gpl-compliance |
|
|
|
SPDX Sept General Meeting Minutes
Phil Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-10-04
General Meeting/Minutes/2018-10-04< General Meeting | Minutes · Attendance: 8 · Lead by Phil Odence · Minutes of Sept meeting approved
Contents[hide] · 1 Tech Team Report - Kate/Gary · 2 Legal Team Report - Jilayne · 3 Outreach Team Report - Jack Tech Team Report - Kate/Gary[edit]· Spec · Focus on multiple formats · How do deal with XML, JSON, YAML · Proposal to link to software heritage identifies · SW heritage- presentation came out recently on how code should be ID’ed in repos · Seems to make sense to extend references to point to · General agreement on last tech call · Tooling · Got integrated on line tools up · License submittal · XML editor · Beta quality, ready to go. http://spdxtools.sourceauditor.com · GSOC has worked very well · Should thank Google · Post on Website · Could use some social media · Topic for Outreach · May want to point projects to FSF software reuse site which advocates SPDX · Would be a good credibility builder · The link is on the site, but not easy to find · Other Groups · NTIA- Government group defining a BoM standard · Prototype work in health care · Fingers crossed that they will use SPDX · SWID · Active discussion · Mapping fields between SPDX an SW · Other groups may be able to use our use cases · They are wrestling with what is a components · Also, how a company can keep their own supplementary license list · Can do via a SPDX doc that is just licenses and make external reference to · Steve W will help out Legal Team Report - Jilayne[edit]· New license backlog · Trying to clear out for next release · Looking forward to new tooling · Could use testing help · Need some Python help on the tools · Mostly fixing up formatting stuff Outreach Team Report - Jack[edit]· Little activity · Regrouping
Attendees[edit]· Phil Odence, Black Duck/Synopsys · Kate Stewart, Linux Foundation · Gary O’Neall, SourceAuditor · Matthew Crawford, ARM · Jilayne Lovejoy, ARM · Jack Manbeck, TI · Steve Winslow, LF · Mark Atwood, Amazon
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
No guest presentation this month, so anticipate a shorter meeting.
(I’m open to ideas for guest presentations.)
GENERAL MEETING
Meeting Time: Thurs, Oct 4, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-09-06
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Any Cross Functional Issues –All
L. Philip Odence
|
|
|
|
Re: Thursday SPDX General Meeting Reminder
On 4 Sep 2018 10:45 p.m., "Phil Odence" <phil.odence@...> wrote: |
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
This month’s guest speaker is Mark Gisi. Many of you know Mark from his big contributions over the years to SPDX and OpenChaiun. He has a really interesting topic to share. I’m disappointed that I have a conflict. One of the other SPDX Core Team Members will host. Phil Odence
Abstract ----------- The union of SPDX data and a blockchain ledger is a match made in heaven. This union enables us to provide both *accountability* and *access* to SPDX data for manufactured products that are comprised on software components contributed by dozens of suppliers. We will present a use case of how we track SPDX data (along with source code and notices) across the manufacturing supply chain of a device running the Zephyr operating system runtime. Bio ---- Mark Gisi, Directory of Intellectual Property and Open Source at Wind River Systems, has been managing Open Source policies and programs for the past 12 years. Mark contributes to the Linux Foundation’s SPDX project, OpenChain Project and the Hyperledger Project’s SParts (Software Parts) lab initiative. Mark holds a MS degree in Computer Science and a BS degree in Mathematics.
GENERAL MEETING
Meeting Time: Thurs, Sept 6, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-08-02
Guest Presentation – Mark
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Any Cross Functional Issues –All
|
|
|
|
Re: OpenChain @ Open Source Summit 2018 (Vancouver) on August 28th
Shane Coughlan <coughlan@...>
Dear all
toggle quoted message
Show quoted text
This is the final schedule for the OpenChain workshop at Open Source Summit North America today: 13:00 - Welcome and Status Update 13:10 - Work Team - Conformance 13:30 - Adjacent Project Status Overviews - SPDX - FOSSology - Clearly Defined 14:00 - Networking Break 14:30 - Forward Planning - Strategy and Tactics 15:00 - Work Team - Specification 15:50 - Networking Break 16:20 - Work Team - Curriculum 16:40 - Work Team - Onboarding 17:00 - Close Join us between 1:00 – 5:00 pm at Room 205, Vancouver Convention Centre West Regards Shane On Aug 27, 2018, at 3:10, Shane Coughlan <coughlan@...> wrote: |
|
|
|
OpenChain @ Open Source Summit 2018 (Vancouver) on August 28th
Shane Coughlan <coughlan@...>
Dear all
This is a reminder that there will be an OpenChain workshop at Open Source Summit North America this week. We are coordinating with our friends at the SPDX Project, who also have a workshop on the 28th, to ensure people can attend key parts of both. Here are our details: OpenChain Mini Summit Date: Tuesday, August 28 Time: 1:00 – 5:00 pm Location: Room 205, Vancouver Convention Centre West Registration Costs: Complimentary Here is our schedule: 13:00 - Welcome and Status Update 13:10 - Work Team - Conformance 13:30 - Forward Planning - Strategy and Tactics 14:00 - Networking Break 14:30 - Adjacent Project Status Overviews - SPDX - FOSSology - Clearly Defined 15:00 - Work Team - Specification 15:50 - Networking Break 16:20 - Work Team - Curriculum 16:40 - Work Team - Onboarding 17:00 - Close Public announcement here: https://www.openchainproject.org/news/2018/08/17/openchain-workshop-open-source-summit-north-america There will be an informal OpenChain social gathering at 6pm in the Mosaic Grill in the Hyatt Regency at 6pm. Spaces are limited to 20 people. We only have a couple of spots (literally) left so RSVP is strongly advised. I look forward to seeing you in Vancouver! Regards Shane -- Shane Coughlan General Manager, OpenChain e: coughlan@... p: +81 (0) 80 4035 8083 w: www.openchainproject.org Professional profile: http://www.linkedin.com/in/shanecoughlan Get my free book on open source compliance here: https://www.linuxfoundation.org/news-media/research/practical-gpl-compliance |
|
|
|
August SPDX General Meeting Minutes
Phil Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-08-02
General Meeting/Minutes/2018-08-02< General Meeting | Minutes · Attendance: 12 · Lead by Phil Odence · Minutes of July meeting approved Contents[hide] · 1 Guest Presentation, - Supporting Continuous Integration, Ndip Tanyi · 2 Tech Team Report - Kate/Gary · 3 Legal Team Report - Jilayne/Paul · 4 Outreach Team Report - Jack Guest Presentation, - Supporting Continuous Integration, Ndip Tanyi[edit]· Idea- Automatically generating SPDX docs as part of CI process · Scope · Focused on Travis CI, NPM and Python · Demo · Add an install and SPDX build script to build script · And some statements to push the SPDX docs to the repo · Future extensions · Pushing to GItHub as a commit · Other CI systems · Has been designed generically enough to be extensible to other languages and environments
Tech Team Report - Kate/Gary[edit]· Tooling · Mostly GSoC work · License XML Editor · Gary posting new version today http://spdxtools.sourceauditor.com · If you want to test, make it clear that these are tests, to make clear in the pull requests · Spec work · Working for consistency in external identifiers · Interest coming up from security community · SWID · NTIA conference that featured SPDX · Working in interop and SPDX standardization · Looking at spinning up a security subgroup · Interest from US House and Senate in a SW BoM and SPDX is on the docket · NIST and other organizations are involved in the background
Legal Team Report - Jilayne/Paul[edit]· 3.2 is out · Some clean up of old issues in process · Request to that legal folks try out Tushar’s tool · Exceptions · The term is imperfect as it handles some items that are not “exceptions” per se · Patent grants, for example · Considering changing the term to be more neutral and inclusive · “Modifiers” maybe? · Will send an email to a wide audience get people thinking about it and set up a special meeting
Outreach Team Report - Jack[edit]· Website · Making more sense of the License List and Documents section · Shane Coughlin, from Open Chain, is getting involved · Outreach to companies · New time for Outreach calls is 7pm EDT · (Shane is in Japan) · OSS Summit · Backoff on the Tuesday · And a session on Consuming SPDX
Attendees[edit]· Phil Odence, Black Duck/Synopsys · Ndip Tanyi, Alberta University · Tushar Mittal, GSoC Student · Gary O’Neall, SourceAuditor · Yash Nisar, GSoC Student · Jack Manbeck, TI · Steve Winslow, LF · Jilayne Lovejoy, ARM · Paul Madick, Dimension Data · Mike Dolan, Linux Foundation · Matije Suklje, Liferay · Mark Atwood, Amazon
|
|
|
|
Thursday SPDX General Meeting Reminder
Phil Odence
This month’s guest speaker is one of our Google Summer of Code Students, Ndip Tanyi. Originally from Cameroon where he did his undergraduate. He is currently enrolled in a masters degree in computer science at Alberta University. He is passionate about computer code and innovation as a whole.
Ndip will be speaking about his project, a build tool for SPDX file generation. The idea is to create plug-ins to support generating valid SPDX docs in continuous integration environments.
GENERAL MEETING
Meeting Time: Thurs, Aug, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
New dial in number: 415-881-1586 No PIN needed
The weblink for screenshare will stay the same at:
Administrative Agenda Attendance Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2018-07-11
Guest Presentation – Ndip
Technical Team Report – Kate/Gary
Legal Team Report – Jilayne/Paul
Outreach Team Report – Jack
Cross Functional Issues –All
|
|
|
|
SPDX July General Meeting Minutes
Phil Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-07-11
General Meeting/Minutes/2018-07-11< General Meeting | Minutes · Attendance: 10 · Lead by Phil Odence · Minutes of June meeting approved Contents[hide] · 1 Guest Presentation, Online XML Editor- Tushar Mittal · 3 Outreach Team Report - SteveW · 4 Legal Team Report - Jilayne Guest Presentation, Online XML Editor- Tushar Mittal[edit]· XML Editor for Editing Licenses · For contributors to License List · Demo · User can · upload flies, or · Specify one of the current licenses · Options · Text, Tree, Split View Editor · Text · Editor guides to sticking with SPDX license schema · Beautify cleans up XML nicely · Tree Editor · Operates on the same file · Easy way to modify attributes · Legal team is very enthusiastic about the tool · It will make their lives much easier.
Tech Team Report - Gary[edit]· GSoC · Good progress across the board · Tushar obviously has done some great work · Additionally upgrading Python libraries and work on build tools · Most calls focused on 2.2 list of potential enhancements and issues · Progress a little slow due to vacations · LinuxCon NA, Vancouver · There will be some tools work going on · Anyone interested should contact Gary or email the list
Outreach Team Report - SteveW[edit]· SPDX short form IDs has gone live · Includes guidelines for developers who want to add IDs to their files Legal Team Report - Jilayne[edit]· V3.2 of License List just released · Will be updating General Mailing list including stats on new licenses · Continuing to monitor pull requests · Today’s meeting will recap old/stale Attendees[edit]· Phil Odence, Black Duck/Synopsys · Tushar Mittal, GSoC Student · Gary O’Neall, SourceAuditor · Yash Nisar, GSoC Student · Dave Marr, Qualcomm · Steve Winslow, LF · Matthew Crawford, ARM · Mark Atwood, Amazon · Jilayne Lovejoy, ARM · Bradlee Edmondson, Harvard
|
|
|
|
Software Component Transparency - remote participation for July 19 meeting
John Scott <john.scott@...>
Fyi On July 10, 2018 at 4:12:18 PM, John Scott (john.scott@...) wrote:
|
|
|
|
Reminder: Next SPDX General Meeting and Special Guest July 12
Phil Odence
Hello All,
A reminder that we are pushing this month’s meeting out a week due to the US Holiday on Wednesday.
Joining us on the 12th will be one of our Google Summer of Code students, Tushar Mittal. Here’s what he’ll be presenting:
[GSoC Project Overview] Online XML Editor In this presentation, we'll talk about the work done on the XML editor project. It will include talking about the project and then a small presentation on what all features are provided and how to use them. This will help the members to understand the project better and give reviews, which would sum up to make the project more usable and user-friendly.
Tushar Mittal is a Computer Science undergraduate who loves to make things which makes life easier and solve problems. He is an active Open Source contributor and GSoC intern. He has a keen interest in everything related to Machine Learning and Blockchain. His favorite programming language is Python and currently, he mostly works with web development projects.
See you then!
Best, Phil L. Philip Odence
|
|
|
|
SPDX General Meeting 2018 (replacement)
Phil Odence
When: Occurs every month on the first Thursday of the month from 11:00 AM to 12:00 PM effective 8/2/2018 until 2/2/2019. (UTC-05:00) Eastern Time (US & Canada) Where: Bridge info enclosed *~*~*~*~*~*~*~*~*~* Please accept so this recurring meeting is on your calendar, however no need to send a response to me.
New dial in number:
415-881-1586 No PIN needed The weblink for screenshare will stay the same at:
|
|
|
|
July SPDX General Meeting
Phil Odence
When: Thursday, July 12, 2018 11:00 AM-12:00 PM. (UTC-05:00) Eastern Time (US & Canada) Where: Bridge info enclosed *~*~*~*~*~*~*~*~*~* New dial in number:
415-881-1586 No PIN needed The weblink for screenshare will stay the same at:
|
|
|
|
Canceled: SPDX General Meeting 2018
Phil Odence
As per my note to the general distribution list, I am cancelling this invitation and replacing with a new one from my Synopsys account which I will issue shortly. As long as you are
on the spdx@lists list, you will receive.
Note that due to the US Holiday, we will push July’s meeting a week later, so there will actually be two invitations forthcoming. Please accept both.
******* Note that we will be using a different dial in and different URL for future SPDX General Meetings.
Apologies for my having to send a new invitation. For some reason Outlook won’t let me update the original. So, you’ll have to delete the old. I called this one 2018, so there would be no confusion. (I hope)
Please accept so this recurring meeting is on your calendar, however no need to respond.
New dial in number:
415-881-1586 No PIN needed The weblink for screenshare will stay the same at:
|
|
|
|
SPDX June Gen Meeting Minutes - AND IMPORTANT SCHEDULING INFO
Phil Odence
The minutes are below. Thanks to Gary for managing.
IMPORTANT SCHEDULING INFO: Due to the US holiday, we will push the July meeting to July 12. Also, I need to reissue meeting invitations from my Synopsys account. Tomorrow, Tuesday, Boston morning time, I will cancel the exiting recurring meeting; in any case please make sure it is deleted from your calendar to avoid confusion. After cancelling the old, I will issue one invitation for the July 12 meeting and another recurring invitation for first Thursday of every month. Thanks, Phil
L. Philip Odence
https://wiki.spdx.org/view/General_Meeting/Minutes/2018-06-07
General Meeting/Minutes/2018-06-07< General Meeting | Minutes · Attendance: · Lead by Gary O'Neall · Minutes of May meeting approved Contents[hide] · 1 Outreach Team Report - Jack Outreach Team Report - Jack· Mail list migration on June 13th. Changing from spdx-biz to spdx-outreach for mail list name. spdx-general will become parent, all of others will be child. If signed up for any child, automatically parent. This will give us a master mail list. · Jack will be sending an email out on June 11th, apprising all of the mail list change. · Room reserved for SPDX plugfest at OSS for Aug 27th. · No update on the web site change. Agreement not to wake them up, and leave alone for now. Legal Team Report - Paul· Regular meetings in progress, knocking down issues happening in github · Meetings with GSoC students to cover requirements Tech Team Report - Gary· GSoC students all started, 2 working with legal team. · still waiting on spdx 2.1.1 to have proper generated .pdf, no comments back yet on updated version published on web. · spdx-spec issues are all tagged in github · most of focus is 2.2 at this point. Cross team - Gary· looking at getting GSoC student - probably Yash to present at next general call. Attendees· Gary O’Neall, SourceAuditor · Jack Manbeck, TI · Kate Stewart, Linux Foundation · Steve Winslow, LF · Paul Madick, Dimension Data · Jilayne Lovejoy, ARM
|
|
|
|
Re: Conversion to new email system complete
Bjoern Buerger <b.buerger@...>
Hi,
Am Wed, 13 Jun 2018 schrieb Manbeck, Jack via Lists.Spdx.Org: The conversion to the new email system is complete.Unfortunately, something really important is missing: lists.spdx.org mail is handled by 10 lb01.groups.io. lists.spdx.org mail is handled by 10 lb02.groups.io. lb01.groups.io has no AAAA record lb02.groups.io has no AAAA record It is 2018, for heaven's sake. Please add IPv6 Support for incoming and outgoing smtp. Ich just tried to subscribe with an IPv6 connected email account and subscription failed. With kind regards, Bjørn -- Pengutronix e.K. | Bjørn Bürger | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim | Phone: +49-5121-206917-5002 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | |
|
|
|
Conversion to new email system complete
Manbeck, Jack
All,
The conversion to the new email system is complete.
Best regards,
Jack Manbeck |
|
|