Date   

SPDX May General Meeting Minutes

Philip Odence
 


General Meeting/Minutes/2016-05-05

  • Attendance: 9
  • Lead by Phil Odence
  • Minutes of April meeting approved


Tech Team Report - Kate/Gary[edit]

  • Spec
    • Getting to final stages
    • Collab Summit issues have been addressed
    • People working on the spec have reviewed
    • Then will go out for broader review in a couple weeks
    • Transitioning documentation to Git
  • 2.1 Tools
    • Tool dev is finding some inconsistencies in tool
      • e.g. No license, no assertion 

Outreach Team Report - Jack[edit]

  • Website
    • Still trying to finish off
    • Important call today


Legal Team Report - Jilayne/Paul[edit]

  • Special Call today
    • Working on XML files today
    • What review will look like
    • So work can be easily divided
  • License review tasks at hand-
    • 300 license need review (no more than 30 person-hours)
    • This is a rough look to make sure machine conversion hasn’t made obvious mistakes
    • Hoping to have done for next release of license list, end of Jun
    • Will make the call early in June.
  • Regular business of Legal Team
    • Some normal license approvals
    • Issue of Public Domain re-raised and discussed
      • Back burnered for future discussion
      • May involve a standard govt header

Cross Functional Topics - Phil[edit]

  • Google SoC
    • Will not participate this year
  • Uber Conf
    • Need to find how our account was originally created
    • Kate building new one
  • Guest stars
    • Sam Ellis, Dave Marr, one more in pipeline
  • OSI Meeting

Attendees[edit]

  • Phil Odence, Black Duck
  • Kate Stewart, Linux Foundation
  • Jilayne Lovejoy, ARM
  • Mark Gisi, Wind River 
  • Jack Manbeck, TI
  • Scott Sterling, Palamida
  • Gary O’Neill, SourceAuditor 
  • Paul Madick, Dimension Data
  • Robin Gandhi, UNO


Reminder: Thursday SPDX General Meeting

Philip Odence
 

For the week, it will just be the normal agenda, so the meeting is likely to run only 30 minutes. 
We have guest speakers lined up for the next several meetings.


GENERAL MEETING

Meeting Time: Thurs, May 5, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Optional dial in number: 877-297-7470
Alternate number: 512-910-4433
No PIN needed


Administrative Agenda
Attendance


Technical Team Report – Kate 


Legal Team Report – Jilayne


Business Team Report – Jack


Cross Functional Issues - Phil


Re: SPDX License List v2.4 released

Sam Ellis <Sam.Ellis@...>
 

Yes, I confirm it’s fixed.

 

From: Gary O'Neall [mailto:gary@...]
Sent: 21 April 2016 17:38
To: Sam Ellis; 'J Lovejoy'; 'Zavras, Alexios'
Cc: 'SPDX-legal'; 'SPDX-general'
Subject: RE: SPDX License List v2.4 released

 

Hi Sam,

 

I believe this was resolved a couple weeks back.

 

I just checked and I did not see any error.  You may want to try clearing the browser cache and see if the error still occurs.


Gary

 

 

From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Sam Ellis
Sent: Friday, April 8, 2016 10:05 AM
To: J Lovejoy; Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: RE: SPDX License List v2.4 released

 

I see an error reported at the top of this page:

 

https://spdx.org/licenses/Artistic-2.0

 

The error is:

 

error on line 213 at column 22: Entity 'copy' not defined

 

I obtained this URL by searching for “spdx perl artistic license 2.0” in google.

 

Interestingly there is no error here:

 

https://spdx.org/licenses/Artistic-2.0.html

 

Do we deliberately provide two URLs for each license?

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: 08 April 2016 17:36
To: Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: Re: SPDX License List v2.4 released

 

Thanks for catching this Alexios - you are right as to where the error is coming from… 

 

I’ll work with Gary to fix this.

 

Jilayne

 

SPDX Legal Team co-lead
opensource@...

 

On Apr 8, 2016, at 6:52 AM, Zavras, Alexios <alexios.zavras@...> wrote:

 

This license is empty: http://spdx.org/licenses/NLOD-1.0.html

I assume because the reference (at least in the Excel file) is to “NLOD-1..txt” instead of “NLOD-1.0.txt”.

 

-- zvr

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: Tuesday, April 05, 2016 12:41 AM
To: SPDX-legal <spdx-legal@...>; SPDX-general <spdx@...>
Subject: SPDX License List v2.4 released

 

Hi All,

 

Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/

 

You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!

 

Thanks,

Jilayne

 

 

SPDX Legal Team co-lead
opensource@...

 

Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928

 

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: SPDX License List v2.4 released

Gary O'Neall
 

Hi Sam,

 

I believe this was resolved a couple weeks back.

 

I just checked and I did not see any error.  You may want to try clearing the browser cache and see if the error still occurs.


Gary

 

 

From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Sam Ellis
Sent: Friday, April 8, 2016 10:05 AM
To: J Lovejoy; Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: RE: SPDX License List v2.4 released

 

I see an error reported at the top of this page:

 

https://spdx.org/licenses/Artistic-2.0

 

The error is:

 

error on line 213 at column 22: Entity 'copy' not defined

 

I obtained this URL by searching for “spdx perl artistic license 2.0” in google.

 

Interestingly there is no error here:

 

https://spdx.org/licenses/Artistic-2.0.html

 

Do we deliberately provide two URLs for each license?

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: 08 April 2016 17:36
To: Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: Re: SPDX License List v2.4 released

 

Thanks for catching this Alexios - you are right as to where the error is coming from… 

 

I’ll work with Gary to fix this.

 

Jilayne

 

SPDX Legal Team co-lead
opensource@...

 

On Apr 8, 2016, at 6:52 AM, Zavras, Alexios <alexios.zavras@...> wrote:

 

I assume because the reference (at least in the Excel file) is to “NLOD-1..txt” instead of “NLOD-1.0.txt”.

 

-- zvr

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: Tuesday, April 05, 2016 12:41 AM
To: SPDX-legal <spdx-legal@...>; SPDX-general <spdx@...>
Subject: SPDX License List v2.4 released

 

Hi All,

 

Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/

 

You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!

 

Thanks,

Jilayne

 

 

SPDX Legal Team co-lead
opensource@...

 

Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928

 

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: SPDX License List v2.4 released

Gary O'Neall
 

Hi Sam,

 

Yes - we deliberately produce both files.

 

Originally, the site was created with HTML files without the .html extension.


There were problems in rendering pages.  After many attempts at trying to configure the webserver to properly encode/handle the errors, we decided to move to generating pages with the .html suffixes.

 

Since there were some applications accessing the files without extensions programmatically, we decided to generate both files for backwards compatibility reasons - they are exact duplicates. 

 

It is recommended to use the .html rather than the files with no extensions.

 

It looks like the rendering error is due to the &copy in the template which was recently added.

 

I'm not sure why this is tripping on this, but if you run the W3C validator on the file, it seems to complain about the encoding configuration of the webserver. 

 

I'll re-generate the files and change the &copy to (c) which should fix the problem.  I'll include this with the fix for the NLOD-1.0 license.

 

I should have the files uploaded within the next day or so.

 

Gary

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of Sam Ellis
Sent: Friday, April 8, 2016 10:05 AM
To: J Lovejoy; Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: RE: SPDX License List v2.4 released

 

I see an error reported at the top of this page:

 

https://spdx.org/licenses/Artistic-2.0

 

The error is:

 

error on line 213 at column 22: Entity 'copy' not defined

 

I obtained this URL by searching for “spdx perl artistic license 2.0” in google.

 

Interestingly there is no error here:

 

https://spdx.org/licenses/Artistic-2.0.html

 

Do we deliberately provide two URLs for each license?

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: 08 April 2016 17:36
To: Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: Re: SPDX License List v2.4 released

 

Thanks for catching this Alexios - you are right as to where the error is coming from… 

 

I’ll work with Gary to fix this.

 

Jilayne

 

SPDX Legal Team co-lead
opensource@...

 

On Apr 8, 2016, at 6:52 AM, Zavras, Alexios <alexios.zavras@...> wrote:

 

I assume because the reference (at least in the Excel file) is to “NLOD-1..txt” instead of “NLOD-1.0.txt”.

 

-- zvr

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: Tuesday, April 05, 2016 12:41 AM
To: SPDX-legal <spdx-legal@...>; SPDX-general <spdx@...>
Subject: SPDX License List v2.4 released

 

Hi All,

 

Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/

 

You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!

 

Thanks,

Jilayne

 

 

SPDX Legal Team co-lead
opensource@...

 

Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928

 

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: SPDX License List v2.4 released

Sam Ellis <Sam.Ellis@...>
 

I see an error reported at the top of this page:

 

https://spdx.org/licenses/Artistic-2.0

 

The error is:

 

error on line 213 at column 22: Entity 'copy' not defined

 

I obtained this URL by searching for “spdx perl artistic license 2.0” in google.

 

Interestingly there is no error here:

 

https://spdx.org/licenses/Artistic-2.0.html

 

Do we deliberately provide two URLs for each license?

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: 08 April 2016 17:36
To: Zavras, Alexios
Cc: SPDX-legal; SPDX-general
Subject: Re: SPDX License List v2.4 released

 

Thanks for catching this Alexios - you are right as to where the error is coming from… 

 

I’ll work with Gary to fix this.

 

Jilayne

 

SPDX Legal Team co-lead
opensource@...

 

On Apr 8, 2016, at 6:52 AM, Zavras, Alexios <alexios.zavras@...> wrote:

 

This license is empty: http://spdx.org/licenses/NLOD-1.0.html

I assume because the reference (at least in the Excel file) is to “NLOD-1..txt” instead of “NLOD-1.0.txt”.

 

-- zvr

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: Tuesday, April 05, 2016 12:41 AM
To: SPDX-legal <spdx-legal@...>; SPDX-general <spdx@...>
Subject: SPDX License List v2.4 released

 

Hi All,

 

Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/

 

You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!

 

Thanks,

Jilayne

 

 

SPDX Legal Team co-lead
opensource@...

 

Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928

 

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: SPDX License List v2.4 released

J Lovejoy
 

Thanks for catching this Alexios - you are right as to where the error is coming from… 

I’ll work with Gary to fix this.

Jilayne

SPDX Legal Team co-lead
opensource@...


On Apr 8, 2016, at 6:52 AM, Zavras, Alexios <alexios.zavras@...> wrote:

I assume because the reference (at least in the Excel file) is to “NLOD-1..txt” instead of “NLOD-1.0.txt”.
 
-- zvr
 
From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: Tuesday, April 05, 2016 12:41 AM
To: SPDX-legal <spdx-legal@...>; SPDX-general <spdx@...>
Subject: SPDX License List v2.4 released
 
Hi All,
 
Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/
 
You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!
 
Thanks,
Jilayne
 
 

SPDX Legal Team co-lead
opensource@...

 

Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928



Re: SPDX License List v2.4 released

Alexios Zavras
 

This license is empty: http://spdx.org/licenses/NLOD-1.0.html

I assume because the reference (at least in the Excel file) is to “NLOD-1..txt” instead of “NLOD-1.0.txt”.

 

-- zvr

 

From: spdx-legal-bounces@... [mailto:spdx-legal-bounces@...] On Behalf Of J Lovejoy
Sent: Tuesday, April 05, 2016 12:41 AM
To: SPDX-legal <spdx-legal@...>; SPDX-general <spdx@...>
Subject: SPDX License List v2.4 released

 

Hi All,

 

Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/

 

You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!

 

Thanks,

Jilayne

 

 

SPDX Legal Team co-lead
opensource@...

 

Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928


SPDX April General Meeting Minutes

Philip Odence
 


General Meeting/Minutes/2016-04-07

  • Attendance: 14
  • Lead by Phil Odence
  • Minutes of March meeting approved


Special Guest Star - Kris Reeves[edit]

  • Background
    • Working with the team over the past few months
    • Focused on improving templates and matching process
    • Has been building tools for his NodeJS environment to discover licenses to meet client needs
    • Created a tool that makes a binary decision about whether there are any problematic licenses, yes or no
    • Wasn’t working well initially because of “naive” approach in the package he was using Node License Finder
    • Found 3 packages that were trying to do this
      • Node Packet Manager used SPDX short names
      • Which got Kris onto SPDX
      • Tool was not using matching guidelines properly
    • So Kris got onto trying to trying to fix
  • SPDX Work
    • Felt there needed to be some changes
    • Started submitted bug reports
    • Conclusion:
      • The templates were the right place to address issues he was running into
      • Developed tool in parallel to working on:
        • More Mark Up
          • A big jump
          • XML files that contain all info about a license
          • Obsoleting spreadsheet
        • Better Mark Up
          • XML is familiar and available
          • Self-contained
          • Better to have the matching info in the data for tool consistency
        • Easier Contribution
          • Separate GIt repo, bugzilla, etc system make contribution awkward
          • Feels GitHub web interface streamlines all that, so advocating we migrate in that direction
      • Ideally all this reduces workload on Jilayne
      • Status
        • Has taken passes at converting licenses and submitted pull request
        • Still some issues he’ll work on this weekend.
        • Getting very close


Tech Team Report - Kate/Gary[edit]

  • Specification Update:
    • Good Collab Summit
      • Office hours talk kicked off with some good brainstorming on aggregating SPDX docs
        • Package referring to other packages and best ways to refer to and store relationships
      • Gary and Kris’ prevention was well received.
      • Spec review went very well
        • Bill and Yev are looking at adding some new classes
        • Helpful input from Robin Gandi
      • Looking for wider feedback in May and new release in June.
        • Possible August plug fest
      • FOSSology team did a talk that included SPDX
  • This week’s call
    • Addressed all open items from Collab Summit
  • Tools Update:
    • Bracing for spec to be finished to update tools
    • Kris has contributed some great tooling as well

Outreach Team Report - Jack[edit]

  • Website
    • New site is now staged
    • Reviewed at Collab Summit
      • Some limitations we will need to work around
      • Navigation really needs sorting out
    • Still hoping for April launch
  • Webinars
    • Met with LF Marketing Team
    • Will help us with a webinar as a trial
    • Jack creating one pager to advertise
    • Suggested piggy backing on a new initiative being launched in July- Professional Open Source

Legal Team Report - Jilayne/Paul[edit]

  • License list v2.4 is up
  • Lots of work on new format that Kris talked about
    • Legal team needs to review how the output looks
    • And to take another pass at the licenses
  • Special legal team meeting today immediately following

Cross Functional Topics - Phil[edit]

  • Google SoC
    • We are on the list of LF projects
    • No requests yet, but expecting some
  • Still looking for special guest stars to speak at General Meetings
    • Jilayne has an idea for July.

Attendees[edit]

  • Phil Odence, Black Duck
  • Kate Stewart, Linux Foundation
  • Pierre LaPointe, nexB 
  • Jilayne Lovejoy, ARM
  • Mark Gisi, Wind River 
  • Michael Herzog- nexB
  • Dave Marr, Qualcomm
  • Jack Manbeck, TI
  • Kris Reeves
  • Scott Sterling, Palamida
  • Josiah Krutz, UNO
  • Matt Germonprez, UNO
  • Gary O’Neill, SourceAuditor 
  • Paul Madick, Dimension Data


Re: SPDX License List v2.4 released

Philippe Ombredanne
 

On Tue, Apr 5, 2016 at 11:08 PM, Gary O'Neall <gary@...> wrote:
Greetings all - The site has now been updated with conforming HTML.
Thank you Gary. That was quick!

--
Cordially
Philippe Ombredanne

+1 650 799 0949 | pombredanne@...
DejaCode : What's in your code?! at http://www.dejacode.com
nexB Inc. at http://www.nexb.com


Reminder: Thursday SPDX General Meeting with (yet another) Special Guest Star

Philip Odence
 

Special Presentation: Kris Reeves will be sharing a boiled down version of the presentation he did at the Collab Summit: 
One of the challenges in open source license compliance is just identifying which licenses are present in the source code. SPDX has created a set of matching guidelines and a license template syntax to help tools match text against the SPDX license list. Kris Reeves will share his practical experience using the SPDX license list for identifying licenses in node.js and how it has led to improvements both in the SPDX license list and making the SPDX license list more accessible for contributors. We will discuss how you can review and make contributions to the SPDX license matching syntax. We will also discuss how you can use the SPDX license list in your own software tools using some of the new formats available on spdx.org/licenses.
Kris writes code for a living and plays Tetris, usually in that order.


GENERAL MEETING

Meeting Time: Thurs, April 7, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Optional dial in number: 877-297-7470
Alternate number: 512-910-4433
No PIN needed


Administrative Agenda
Attendance


Special Presentation – Kris 


Technical Team Report – Kate 


Legal Team Report – Jilayne


Business Team Report – Jack


Cross Functional Issues - Phil


Re: SPDX License List v2.4 released

Gary O'Neall
 

Greetings all - The site has now been updated with conforming HTML.

Gary

-----Original Message-----
From: spdx-legal-bounces@... [mailto:spdx-legal-
bounces@...] On Behalf Of Philippe Ombredanne
Sent: Tuesday, April 5, 2016 6:45 AM
To: SPDX-legal
Cc: SPDX-general
Subject: Re: SPDX License List v2.4 released

On Tue, Apr 5, 2016 at 12:40 AM, J Lovejoy <opensource@...>
wrote:
Hi All,

Version 2.4 of the SPDX License List is now available in the usual
places.
We added 9 new licenses for this release, including some
international
licenses and newly-approved by the OSI. http://spdx.org/licenses/

You will also notice a new look to the license list pages - this is
part of the new website revamp. You will see the new look on the
rest
of the pages soon!
Excellent!
Note that none of the generated files are valid HTML.
See http://spdx.org/licenses/Glide for instance With the .html
extension, the browsers deal with the quirks somehow:
http://spdx.org/licenses/Glide.html

So this is serious but not critical.

All these files are declared as being strict XHTML (meaning strict
XML).
But they are not as you can see here:
https://validator.w3.org/check?uri=http://spdx.org/licenses/Glide.html

--
Cordially
Philippe Ombredanne

+1 650 799 0949 | pombredanne@...
DejaCode : What's in your code?! at http://www.dejacode.com nexB Inc.
at http://www.nexb.com _______________________________________________
Spdx-legal mailing list
Spdx-legal@...
https://lists.spdx.org/mailman/listinfo/spdx-legal


Re: SPDX License List v2.4 released

Gary O'Neall
 

Thanks Philippe for pointing this out.

Some of these errors were introduced when we updated the templates for a new
website look.

I always visually check the pages, but I'll add running them through a
validator to the checklist when we update the site.

I hope to get these corrected in the next day or so.

Gary

-----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...]
On Behalf Of Philippe Ombredanne
Sent: Tuesday, April 5, 2016 6:45 AM
To: SPDX-legal
Cc: SPDX-general
Subject: Re: SPDX License List v2.4 released

On Tue, Apr 5, 2016 at 12:40 AM, J Lovejoy <opensource@...>
wrote:
Hi All,

Version 2.4 of the SPDX License List is now available in the usual
places.
We added 9 new licenses for this release, including some
international
licenses and newly-approved by the OSI. http://spdx.org/licenses/

You will also notice a new look to the license list pages - this is
part of the new website revamp. You will see the new look on the
rest
of the pages soon!
Excellent!
Note that none of the generated files are valid HTML.
See http://spdx.org/licenses/Glide for instance With the .html
extension, the browsers deal with the quirks somehow:
http://spdx.org/licenses/Glide.html

So this is serious but not critical.

All these files are declared as being strict XHTML (meaning strict
XML).
But they are not as you can see here:
https://validator.w3.org/check?uri=http://spdx.org/licenses/Glide.html

--
Cordially
Philippe Ombredanne

+1 650 799 0949 | pombredanne@...
DejaCode : What's in your code?! at http://www.dejacode.com nexB Inc.
at http://www.nexb.com _______________________________________________
Spdx mailing list
Spdx@...
https://lists.spdx.org/mailman/listinfo/spdx


Re: SPDX License List v2.4 released

Philippe Ombredanne
 

On Tue, Apr 5, 2016 at 12:40 AM, J Lovejoy <opensource@...> wrote:
Hi All,

Version 2.4 of the SPDX License List is now available in the usual places.
We added 9 new licenses for this release, including some international
licenses and newly-approved by the OSI. http://spdx.org/licenses/

You will also notice a new look to the license list pages - this is part of
the new website revamp. You will see the new look on the rest of the pages
soon!
Excellent!
Note that none of the generated files are valid HTML.
See http://spdx.org/licenses/Glide for instance
With the .html extension, the browsers deal with the quirks somehow:
http://spdx.org/licenses/Glide.html

So this is serious but not critical.

All these files are declared as being strict XHTML (meaning strict XML).
But they are not as you can see here:
https://validator.w3.org/check?uri=http://spdx.org/licenses/Glide.html

--
Cordially
Philippe Ombredanne

+1 650 799 0949 | pombredanne@...
DejaCode : What's in your code?! at http://www.dejacode.com
nexB Inc. at http://www.nexb.com


SPDX License List v2.4 released

J Lovejoy
 

Hi All,

Version 2.4 of the SPDX License List is now available in the usual places.  We added 9 new licenses for this release, including some international licenses and newly-approved by the OSI.http://spdx.org/licenses/

You will also notice a new look to the license list pages - this is part of the new website revamp.  You will see the new look on the rest of the pages soon!

Thanks,
Jilayne


SPDX Legal Team co-lead
opensource@...



Re: Representing Projects Using SPDX 2.0

Gary O'Neall
 

Hi Robin,

 

Got a chance to read through the document.  Thanks for clearly laying out the issues with representing aggregated projects in SPDX - I think this is a good problem to solve for the general community and once we're done, I would like to include this in the SPDX best practices document (minus the DoSOCS specifics) if that is OK with you.

 

A couple high level points and feedback:

 

·         In general, I agree with the approach.

·         For Maven, you can map the Maven dependency scope to the SPDX relationship type.  You can see what I chose as mapping in the Java method scopeToRelationshipType in the SpdxDependencyInformation.java file.  If you see anything you disagree with - do me a favor and log an issue in the Git repository.

·         I would only use PACKAGE_OF if the included package is compiled in source as a sub-project (e.g. a subdirectory) or if it is a complete independent package being distributed as part of a larger distribution.  In a Maven POM file, they are likely dymaically linked dependencies.  From the PDF document, I wasn't sure of the specifics on the example - but they kind of looked liked dynamically linked dependencies.

·         Definition of Package, Application and Project - Here's the definition of a package from the RDF terms:  " A Package represents a collection of software files that are delivered as a single functional component. "  Would this definition apply to Project (e.g. the "files" would be the metadata files)?  We should consider adding this definition to the PDF specification to be consistent (or re-discussing the definition if any disagrees with the RDF definition).  I think it would be useful to define certain types of packages for the use in best practices (e.g. simple packages containing only source files, complex packages including dependency specifications, project packages which only contain metadata files, etc.).

 

Gary

 

From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Robin Gandhi
Sent: Sunday, March 20, 2016 7:35 PM
To: spdx@...
Subject: Representing Projects Using SPDX 2.0

 

Hello all,

 

In our work with a industry partner at the University of Nebraska-Omaha, a request that has come up often is related to project-level visibility of license information. While project-level information can be managed separately from SPDX, there is value in maintaining  the project-level information in a manner similar to the individual project components. However, from a tooling perspective, the project-level view is different from the typical “one-shot” SPDX document generation for a directory or compressed files. After examining the possibilities with the SPDX 2.0 spec, we have come-up with a proposal to handle project-level information in DoSOCSV2 implementation. Please see the attached document. Any and all feedback is welcome in helping us “figure” this out. Especially, if our interpretation and usage of the SPDX spec is appropriate. We also had some early discussions with Kate regarding this. 

 

Best Regards,

 

Robin and the UNO DoSOCSv2 team (Matt, Uday and Josiah)


Representing Projects Using SPDX 2.0

Robin Gandhi
 

Hello all,

In our work with a industry partner at the University of Nebraska-Omaha, a request that has come up often is related to project-level visibility of license information. While project-level information can be managed separately from SPDX, there is value in maintaining  the project-level information in a manner similar to the individual project components. However, from a tooling perspective, the project-level view is different from the typical “one-shot” SPDX document generation for a directory or compressed files. After examining the possibilities with the SPDX 2.0 spec, we have come-up with a proposal to handle project-level information in DoSOCSV2 implementation. Please see the attached document. Any and all feedback is welcome in helping us “figure” this out. Especially, if our interpretation and usage of the SPDX spec is appropriate. We also had some early discussions with Kate regarding this. 

Best Regards,

Robin and the UNO DoSOCSv2 team (Matt, Uday and Josiah)


Collab Summit SPDX Agenda

Philip Odence
 

Collab Summit is Tue, March 29 – Thu, March 31


Guide to the agenda for SPDX-interested folks

Tues

End of day panel. "Office hours” 

Brainstorming problem solving with participants

Gary's talk on templatization

Wed – Monument Peak Room

Morning

9-1 Tech Team (2.1 spec walk through)

Afternoon-

Git Hub -State of Open Source Licensing presentation

2:30- 5:30 Legal  Team (license templatization)

Thurs – Castle Peak Room

Morning- Open Chain

Afternoon- FOSSology

MarkG- Best practices presentation


Minutes from SPDX March General Meeting

Phil Odence <podence@...>
 



General Meeting/Minutes/2016-03-05

  • Attendance: 12
  • Lead by Phil Odence
  • Minutes of Feb meeting approved

Special Guest Star - Camille Moulin, Inno3[edit]

  • SPDX license list and expressions
    • Most dependency management solutions include licensing info
      • So you can extract and process the information
      • Most clients aren’t using this approach, rather they use scanners like Black Duck, Palamida, Protecode
    • The dependency manager approach
      • This approach is not as accurate as code scanners
      • No information at the sub level package
      • Depends on quality metadata
    • Metadata quality
      • 30% of all packages have no license data
    • SPDX Maturity
      • Still a young project
      • License expressions were a key addition
      • Need to be clear on license version numbers
      • SPDX is already adopted by most package manager, particularly newer ones
      • Some useful tools are available
    • Q&A
      • What improvements in SPDX are required?
        • He suggest separating License name from version number as separate attributes


Tech Team Report - Kate/Gary[edit]

  • Specification Update:
    • meetings over last month spent continuing to refine the External Reference proposal from Bill and Yev.
    • Its been refactored a couple of couple of time, and active discussion is ongoing.
    • Introduced Draft version of Appendix on how to specify "SPDX-License-Expression:" in file comments.
    • Summarized information on WIKI and input received from mail list. Team wants to make sure wording
    • at top makes it clear that if a license has a standard header, that header should be used.
  • Tools Update:
    • None this month

Outreach Team Report - Jack[edit]

  • Website
    • Still waiting on LF to update
  • Webinars
    • Just starting a regular series of Webinars
    • Jilayne was “volunteered” talk about the license list as the initial one
    • Talking to LF about hosting


Legal Team Report - Jilayne[edit]

  • Big Update: Templates Rehab
    • Have reviewed guidelines and mark-up method and implementation
      • Guidelines were human-friendly, not machine
      • Fairly major overhaul back end
      • Much better handling of single source than was possible with spreadsheet
    • Better for machines
    • Enabling others to contribute
    • Easier to maintain
  • OSI
    • Have synced up our new license process
    • Our heads up had been coming late, after their URLs were set up
    • Now we can pick short ID first

Cross Functional Topics - Phil[edit]

  • Collab meeting: Walk through of the 2.1 SPEC changes in a combined document. 
  • Google SoC
    • SPDX along was not accepted 
    • LF was, so we may be able to piggyback


Attendees[edit]

  • Phil Odence, Black Duck
  • Yev Bronshteyn, Black Duck
  • Kate Stewart, Linux Foundation
  • Pierre LaPointe, nexB 
  • Jilayne Lovejoy, ARM
  • Kirsten Newcomer, Black Duck
  • Mark Gisi, Wind River 
  • Michael Herzog- nexB
  • Dave Marr, Qualcomm
  • Jack Manbeck, TI
  • Camille Moulin, Inno3
  • Scott Sterling, Palamida


FW: FOSDEM talk - of interest to SPDX general meeting

Philip Odence
 

If you will be on the call today, here are the slides the Camille with go through. 

When you open them you can click on the browser to advance. And/or, we will try to have Camille share his screen.

From: Camille Moulin <cmoulin@...>
Date: Thursday, March 3, 2016 at 10:28 AM
To: Phil Odence <podence@...>
Cc: Jilayne Lovejoy <lovejoylids@...>, Kate Stewart <kstewart@...>
Subject: Re: FOSDEM talk - of interest to SPDX general meeting

Hi Phil,

Please find attached a few slides for my short presentation (its SVG that should open correctly in any modern browser).

Thanks,
Camille

541 - 560 of 1591