Date   

Help converting Fedora license IDs to SPDX format

Richard Hughes
 

Hi all,

I hope I'm asking in the right place, if not please disregard this
message. When writing AppStream metadata I'm required to convert the
existing Fedora license tag to an SPDX-compatible string so it can be
made into a hyperlink and be clickable. Most license IDs are either
the same, or map between one and the other with a small fudge factor,
but I'm having problems finding SPDX licences for a few Fedora IDs.

The fedora license ID's that probably should map to something (ideas welcome!):

* Afmparse
* AGPLv3 with exceptions
* AGPLv3+ with exceptions
* libtiff
* mecab-ipadic
* Mup
* OpenPBS
* softSurfer
* Teeworlds
* TORQUEv1.1
* UCD
* Vim
* XSkat
* Baekmuk
* Bitstream Vera
* Crystal Stacker
* Liberation
* MgOpen
* mplus

There are a few things that don't make sense, e.g.
* Public Domain
* Copyright only
* Freely redistributable without restriction
* Redistributable, no modification permitted

If anyone knows of any existing SPDX IDs suitable for any of the
above, I'd be very grateful. Thanks.

Richard


Thursday SPDX General Meeting

Philip Odence
 

REMINDER – Call for talks
Although LinuxCon NA is a few months off (Chicago, Aug 20) we are just one week from the deadline for submitting talks (May 2). “SPDX” is specifically mentioned under suggested topics, and we would love to get a few submissions. Jack tapped me to co-submit an update on SPDX 2.0 and we are talking about doing a hands on session with tools, but there’s certainly room for other topics. In particular, it would be interesting to get some talks on usage. The crowd would be really interested to understand what you are doing in your company with SPDX.  If you don’t feel you have a full 40 minutes worth but would like to talk, let me and Jack know and perhaps we can pull together 3 or 4 mini presentations. 

Here’s the link for submitting:


GENERAL MEETING

Meeting Time: Thurs, May 1, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 
Administrative Agenda
Attendance
Approve Minutes- Note, minutes have not yet been posted.


Technical Team Report - Kate


Legal Team Report - Jilayne


Business Team Report – Jack


Cross Functional Issues – Phil




Call for Talks...SPDX to rock LinuxCon

Philip Odence
 

Although LinuxCon NA is a few months off (Chicago, Aug 20) we are just one week from the deadline for submitting talks (May 2). “SPDX” is specifically mentioned under suggested topics, and we would love to get a few submissions. Jack tapped me to co-submit an update on SPDX 2.0 and we are talking about doing a hands on session with tools, but there’s certainly room for other topics. In particular, it would be interesting to get some talks on usage. The crowd would be really interested to understand what you are doing in your company with SPDX.  If you don’t feel you have a full 40 minutes worth but would like to talk, let me and Jack know and perhaps we can pull together 3 or 4 mini presentations. 

Here’s the link for submitting:


Re: TripleCheck 0.4

Lamons, Scott (Open Source Program Office) <scott.lamons@...>
 

Nick,

While I've only spent ~15min with the tool, I was very impressed with the ease of use and the ability to install this and get almost immediate and useful! results. Great work! I'll keep you posted on my findings.

Best Regards,
Scott

-----Original Message-----
From: spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org] On Behalf Of Nuno Brito
Sent: Monday, March 31, 2014 1:02 PM
To: Manbeck, Jack; spdx@lists.spdx.org
Subject: RE: TripleCheck 0.4

Hi Jack,

Thank you for the kind suggestion, very appreciated. I'd just ask to wait some weeks before the tool is listed. Some defects were reported that I'd like to get sorted before more users run the software.

Will get back to this message as soon as possible.

With kind regards,
Nuno Brito

On March 31, 2014 8:44:47 PM GMT+02:00, "Manbeck, Jack" <j-manbeck2@ti.com> wrote:
Nuno,

This is great news. I would like to list the tool on the SPDX website.
If you agree here is a link to the information I need. You can email it
to me direct and I can post it on the business team list if you do not
have access.

http://wiki.spdx.org/view/Business_Team/Tool_Link_Request

best regards,

Jack Manbeck
SPDX Site Admin and Business Team Co-Chair


-----Original Message-----
From: spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org]
On Behalf Of Nuno Brito
Sent: Thursday, March 27, 2014 12:54 PM
To: spdx@lists.spdx.org
Subject: TripleCheck 0.4

Dear SPDX group,

I'd like to announce the availability of a new SPDX editor/viewer.

Features:

- Create an SPDX document from:
-- a source code folder on disk
-- a zipped file on the network

- User interface:
-- Desktop UI
-- Access from a web browser

- Java based (tested under Windows and Linux)
- Tree navigation of files and folders
- Search features (name, hash, similar files)
- Basic SPDX editing features
- Metrics calculation (LOC, size, number of files)
- Basic license detection (detects GPL, LGPL, ...) headers in source
code
- Learning function (supports plugins, new licenses, ...)

The tool is freeware, code is released under the open source EUPL.

These are the first editions, many defects are present that we'll be
addressing in the upcoming months. If you have any requests or would
like to report a defect, just write us back an email.


At the moment only the tag/value format is supported. On our context
there wasn't much demand for supporting the XML version. An SPDX
document generated by our tool writes more information that what the
standard prescribes. For example, we include the hashes for other
algorithms because they help us finding trails of specific files across
the web.


This tool is useful if you need a quick way to visually generate an
SPDX document from a set of files on your disk. We were already
developing this kind of tools in the past for forensic analysis
purposes, moved recently to embrace the SPDX format.


For more details and download, please visit
http://www.triplecheck.de/download/


With kind regards,
Nuno Brito
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Re: TripleCheck 0.4

Nuno Brito
 

Hi Jack,

I'd like to follow-up on this message if possible, the points from the requirement list were quoted to place my answers in context.


The tool must currently support SPDX (i.e. it is not a planned release).
Checked.


You have a page on your website that describes how the tool supports SPDX. This will be the link you provide in the Required Information below.
Checked.


Whether this is a community or commercial tool.
Community. Contributions from other developers interested in submitting additional license detection rules and fix defects are warmly welcome through github or email.

To clarify, I use this software on commercial practice to "scratch my own itch" [1] in the open source way of doing things.


A small logo which can be displayed. This is optional. If provided it must meet the following criteria
Attached to this message you find a TripleCheck with 251x122px as specified in the criteria


A short teaser of one or two sentences that describes your tool. No more than 160 characters including spaces
Straight-forward free tool to create SPDX reports right from your desktop.


A long description which can be up to a couple of paragraphs. Try not to get too verbose. You will have a link to your website for lengthy explanations.
The TripleCheck reporter is the ideal tool for a quick overlook of the licensing compliance status for a given set of source code files in your desktop computer (Windows, Linux, Mac OSX). If some license or copyright is not detected by the tool, you can easily add new rules by yourself. We are building a community around open source tooling and your help is welcome to grow the open database of licensing rules. Look for us on GitHub.


An http link to your site for access to the tool and information on how it supports SPDX.
http://www.triplecheck.de/download/



The current version of the tool is 0.6 so perhaps is better to omit version references and just call the tool "TripleCheck reporter". If there is anything else needed, please do let me know.

Just in case, I have prepared a short video showcasing the tool that you find at http://youtu.be/nljP6hC8xbc


With kind regards,
Nuno Brito

[1] http://en.wikipedia.org/wiki/The_Cathedral_and_the_Bazaar#Lessons_for_creating_good_open_source_software

---
email: nuno.brito@triplecheck.de
phone: +49 615 146 03187

On 2014-03-31 20:44, Manbeck, Jack wrote:
Nuno,
This is great news. I would like to list the tool on the SPDX website.
If you agree here is a link to the information I need. You can email
it to me direct and I can post it on the business team list if you do
not have access.
http://wiki.spdx.org/view/Business_Team/Tool_Link_Request
best regards,
Jack Manbeck
SPDX Site Admin and Business Team Co-Chair


Re: Special SPDX General Meeting & V2.0 Overview this Thursday

Lamons, Scott (Open Source Program Office) <scott.lamons@...>
 

Gary,

 

Thanks for the great presentation today on SPDX 2.0 modeling.   I really like the evolutionary approach (i.e. adding the relationship functionality on top of what’s already in the 1.2 spec with minimal deprecation).   This will make migration much easier and it makes a lot of sense from a business perspective.  

 

And I appreciate you taking it down to a reasonably non-technical level!

 

Regards,

Scott

 

From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Gary O'Neall
Sent: Wednesday, April 02, 2014 12:55 PM
To: 'Philip Odence'; spdx@...
Subject: RE: Special SPDX General Meeting & V2.0 Overview this Thursday

 

Greetings all.

 

Attached are a few slides I'll use to go over the SPDX 2.0 approach and model on tomorrow's call.   In the tech team we are starting to transition from working on the model to the specification itself.  I'll briefly go over the results of our modeling work some of the implications of our model on the 2.0 spec.

 

Gary

 

From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Philip Odence
Sent: Tuesday, April 1, 2014 11:20 AM
To: spdx@...
Subject: Special SPDX General Meeting & V2.0 Overview this Thursday

 

For those of you who were not able to make it to the face-to-face meetings at the Collab Summt, it was all very productive and successful. (See my latest blog to get a flavor to the interactions: http://spdx.org/news/2014-04-01/open-collaboration-changes-everything...including-spdx ) As a consequence of those meetings, there’s a been step increase in progress since the last General Meeting, so this is a good good one to catch and get an overview from the team leads.

 

AND, 

 

The Tech Team has been converging on the approach for V2.0. Gary has volunteered to provide an overview of the current thinking (which is gelling nicely) for anyone who’s not been a regular participant in the TT meetings. He will gear it towards business folks and lawyers, but anyone is welcome. This is a great opportunity to make sure we are all singing off the same sheet of music. We’ll target the last 30 mins of the meeting for this overview.

 

 

GENERAL MEETING

 

Meeting Time: Thurs, April 3, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

 

Administrative Agenda

Attendance

Approve Minutes- 

 

Technical Team Report - Kate

 

 

Legal Team Report - Jilayne

 

 

Business Team Report – Jack

 

 

Cross Functional Issues – Phil

V2.0 Overview- Gary O'Neall

 

 

 


Re: Special SPDX General Meeting & V2.0 Overview this Thursday

Gary O'Neall
 

Greetings all.

 

Attached are a few slides I'll use to go over the SPDX 2.0 approach and model on tomorrow's call.   In the tech team we are starting to transition from working on the model to the specification itself.  I'll briefly go over the results of our modeling work some of the implications of our model on the 2.0 spec.

 

Gary

 

From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Philip Odence
Sent: Tuesday, April 1, 2014 11:20 AM
To: spdx@...
Subject: Special SPDX General Meeting & V2.0 Overview this Thursday

 

For those of you who were not able to make it to the face-to-face meetings at the Collab Summt, it was all very productive and successful. (See my latest blog to get a flavor to the interactions: http://spdx.org/news/2014-04-01/open-collaboration-changes-everything...including-spdx ) As a consequence of those meetings, there’s a been step increase in progress since the last General Meeting, so this is a good good one to catch and get an overview from the team leads.

 

AND, 

 

The Tech Team has been converging on the approach for V2.0. Gary has volunteered to provide an overview of the current thinking (which is gelling nicely) for anyone who’s not been a regular participant in the TT meetings. He will gear it towards business folks and lawyers, but anyone is welcome. This is a great opportunity to make sure we are all singing off the same sheet of music. We’ll target the last 30 mins of the meeting for this overview.

 

 

GENERAL MEETING

 

Meeting Time: Thurs, April 3, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html


Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 

 

Administrative Agenda

Attendance

Approve Minutes- 

 

Technical Team Report - Kate

 

 

Legal Team Report - Jilayne

 

 

Business Team Report – Jack

 

 

Cross Functional Issues – Phil

V2.0 Overview- Gary O'Neall

 

 

 


Special SPDX General Meeting & V2.0 Overview this Thursday

Philip Odence
 

For those of you who were not able to make it to the face-to-face meetings at the Collab Summt, it was all very productive and successful. (See my latest blog to get a flavor to the interactions: http://spdx.org/news/2014-04-01/open-collaboration-changes-everything...including-spdx ) As a consequence of those meetings, there’s a been step increase in progress since the last General Meeting, so this is a good good one to catch and get an overview from the team leads.

AND, 

The Tech Team has been converging on the approach for V2.0. Gary has volunteered to provide an overview of the current thinking (which is gelling nicely) for anyone who’s not been a regular participant in the TT meetings. He will gear it towards business folks and lawyers, but anyone is welcome. This is a great opportunity to make sure we are all singing off the same sheet of music. We’ll target the last 30 mins of the meeting for this overview.


GENERAL MEETING

Meeting Time: Thurs, April 3, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 
Administrative Agenda
Attendance
Approve Minutes- 

Technical Team Report - Kate


Legal Team Report - Jilayne


Business Team Report – Jack


Cross Functional Issues – Phil
V2.0 Overview- Gary O'Neall




Re: TripleCheck 0.4

Nuno Brito
 

Hi Jack,

Thank you for the kind suggestion, very appreciated. I'd just ask to wait some weeks before the tool is listed. Some defects were reported that I'd like to get sorted before more users run the software.

Will get back to this message as soon as possible.

With kind regards,
Nuno Brito

On March 31, 2014 8:44:47 PM GMT+02:00, "Manbeck, Jack" <j-manbeck2@ti.com> wrote:
Nuno,

This is great news. I would like to list the tool on the SPDX website.
If you agree here is a link to the information I need. You can email it
to me direct and I can post it on the business team list if you do not
have access.

http://wiki.spdx.org/view/Business_Team/Tool_Link_Request

best regards,

Jack Manbeck
SPDX Site Admin and Business Team Co-Chair


-----Original Message-----
From: spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org]
On Behalf Of Nuno Brito
Sent: Thursday, March 27, 2014 12:54 PM
To: spdx@lists.spdx.org
Subject: TripleCheck 0.4

Dear SPDX group,

I'd like to announce the availability of a new SPDX editor/viewer.

Features:

- Create an SPDX document from:
-- a source code folder on disk
-- a zipped file on the network

- User interface:
-- Desktop UI
-- Access from a web browser

- Java based (tested under Windows and Linux)
- Tree navigation of files and folders
- Search features (name, hash, similar files)
- Basic SPDX editing features
- Metrics calculation (LOC, size, number of files)
- Basic license detection (detects GPL, LGPL, ...) headers in source
code
- Learning function (supports plugins, new licenses, ...)

The tool is freeware, code is released under the open source EUPL.

These are the first editions, many defects are present that we'll be
addressing in the upcoming months. If you have any requests or would
like to report a defect, just write us back an email.


At the moment only the tag/value format is supported. On our context
there wasn't much demand for supporting the XML version. An SPDX
document generated by our tool writes more information that what the
standard prescribes. For example, we include the hashes for other
algorithms because they help us finding trails of specific files across
the web.


This tool is useful if you need a quick way to visually generate an
SPDX document from a set of files on your disk. We were already
developing this kind of tools in the past for forensic analysis
purposes, moved recently to embrace the SPDX format.


For more details and download, please visit
http://www.triplecheck.de/download/


With kind regards,
Nuno Brito


Re: TripleCheck 0.4

Manbeck, Jack
 

Nuno,

This is great news. I would like to list the tool on the SPDX website. If you agree here is a link to the information I need. You can email it to me direct and I can post it on the business team list if you do not have access.

http://wiki.spdx.org/view/Business_Team/Tool_Link_Request

best regards,

Jack Manbeck
SPDX Site Admin and Business Team Co-Chair

-----Original Message-----
From: spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org] On Behalf Of Nuno Brito
Sent: Thursday, March 27, 2014 12:54 PM
To: spdx@lists.spdx.org
Subject: TripleCheck 0.4

Dear SPDX group,

I'd like to announce the availability of a new SPDX editor/viewer.

Features:

- Create an SPDX document from:
-- a source code folder on disk
-- a zipped file on the network

- User interface:
-- Desktop UI
-- Access from a web browser

- Java based (tested under Windows and Linux)
- Tree navigation of files and folders
- Search features (name, hash, similar files)
- Basic SPDX editing features
- Metrics calculation (LOC, size, number of files)
- Basic license detection (detects GPL, LGPL, ...) headers in source code
- Learning function (supports plugins, new licenses, ...)

The tool is freeware, code is released under the open source EUPL.

These are the first editions, many defects are present that we'll be addressing in the upcoming months. If you have any requests or would like to report a defect, just write us back an email.


At the moment only the tag/value format is supported. On our context there wasn't much demand for supporting the XML version. An SPDX document generated by our tool writes more information that what the standard prescribes. For example, we include the hashes for other algorithms because they help us finding trails of specific files across the web.


This tool is useful if you need a quick way to visually generate an SPDX document from a set of files on your disk. We were already developing this kind of tools in the past for forensic analysis purposes, moved recently to embrace the SPDX format.


For more details and download, please visit http://www.triplecheck.de/download/


With kind regards,
Nuno Brito

--
email: nuno.brito@triplecheck.de
phone: +49 615 146 03187

_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Unsubscribe

Lori Holmes <lori@...>
 

 


Re: Google Summer of Code 2014: There are 4 student applications but no mentors registered

mjherzog
 

SPDX Listers

I have sent Till the email addresses for Gary and Matt and notified them....Michael Herzog

On 3/28/2014 5:25 PM, Till Kamppeter wrote:
Hi,

I am Till Kamppeter, leader of OpenPrinting, and org admin for the GSoC
at the Linux Foundation.

We got 4 student applications on SPDX at the Linux Foundation.
Unfortunately no suitable mentor has signed up and no one of us is able
to evaluate these applications.

On the project ideas list

http://www.linuxfoundation.org/collaborate/workgroups/gsoc/gsoc-2014-spdx-projects

Gary O'Neall and Matt Germonprez appear as available mentors but no
e-mail addresses to contact them.

if you are not Gary or Matt, please forward this to them. It is very
important.

Gary, Matt (or if someone else wants to volunteer), if you are reading
this, please register as mentor going to

http://www.google-melange.com/gsoc/homepage/google/gsoc2014

Near the bottom is photo with many people on it and under it the text

Mentors & Administrators
Registration with participating organizations is now open.

and an orange button labeled "Start connection". Click the button,
follow the instructions, and choose "The Linux Foundation" as your
mentoring organization.

As soon as I see your request I will approve it and then you have access
to the applications. If you want to mentor a student, set the switch
"Wish to mentor" in this application to "YES". I will assign you then
and accept that application, making it eligible for getting a student
slot in this GSoC.

Tell me also which applications are not usable so that I can mark them
as to be ignored.

I have to know the number of applications to accept before April 7. So
register as soon as possible so that you have time to read and evaluate
the applications and also to interact with the students.

Thanks in advance.

Till
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Google Summer of Code 2014: There are 4 student applications but no mentors registered

Till Kamppeter <till.kamppeter@...>
 

Hi,

I am Till Kamppeter, leader of OpenPrinting, and org admin for the GSoC
at the Linux Foundation.

We got 4 student applications on SPDX at the Linux Foundation.
Unfortunately no suitable mentor has signed up and no one of us is able
to evaluate these applications.

On the project ideas list

http://www.linuxfoundation.org/collaborate/workgroups/gsoc/gsoc-2014-spdx-projects

Gary O'Neall and Matt Germonprez appear as available mentors but no
e-mail addresses to contact them.

if you are not Gary or Matt, please forward this to them. It is very
important.

Gary, Matt (or if someone else wants to volunteer), if you are reading
this, please register as mentor going to

http://www.google-melange.com/gsoc/homepage/google/gsoc2014

Near the bottom is photo with many people on it and under it the text

Mentors & Administrators
Registration with participating organizations is now open.

and an orange button labeled "Start connection". Click the button,
follow the instructions, and choose "The Linux Foundation" as your
mentoring organization.

As soon as I see your request I will approve it and then you have access
to the applications. If you want to mentor a student, set the switch
"Wish to mentor" in this application to "YES". I will assign you then
and accept that application, making it eligible for getting a student
slot in this GSoC.

Tell me also which applications are not usable so that I can mark them
as to be ignored.

I have to know the number of applications to accept before April 7. So
register as soon as possible so that you have time to read and evaluate
the applications and also to interact with the students.

Thanks in advance.

Till


Unsubscribe

Lori Holmes <lori@...>
 

 


TripleCheck 0.4

Nuno Brito
 

Dear SPDX group,

I'd like to announce the availability of a new SPDX editor/viewer.

Features:

- Create an SPDX document from:
-- a source code folder on disk
-- a zipped file on the network

- User interface:
-- Desktop UI
-- Access from a web browser

- Java based (tested under Windows and Linux)
- Tree navigation of files and folders
- Search features (name, hash, similar files)
- Basic SPDX editing features
- Metrics calculation (LOC, size, number of files)
- Basic license detection (detects GPL, LGPL, ...) headers in source code
- Learning function (supports plugins, new licenses, ...)

The tool is freeware, code is released under the open source EUPL.

These are the first editions, many defects are present that we'll be addressing in the upcoming months. If you have any requests or would like to report a defect, just write us back an email.


At the moment only the tag/value format is supported. On our context there wasn't much demand for supporting the XML version. An SPDX document generated by our tool writes more information that what the standard prescribes. For example, we include the hashes for other algorithms because they help us finding trails of specific files across the web.


This tool is useful if you need a quick way to visually generate an SPDX document from a set of files on your disk. We were already developing this kind of tools in the past for forensic analysis purposes, moved recently to embrace the SPDX format.


For more details and download, please visit http://www.triplecheck.de/download/


With kind regards,
Nuno Brito

--
email: nuno.brito@triplecheck.de
phone: +49 615 146 03187


CollabSummit rides

Philip Odence
 

This is a late thought, but perhaps helpful. I put up a “ride board” on the wiki for anyone who might have some room or need a ride to/from. 



Re: List of companies that have adopted SPDX

RUFFIN MICHEL
 

The customers of Alcatel-Lucent are mainly telecom operators. They just start in their RFP to ask questions on FOSS and ask list of FOSS in our products. They are far to ask things in SPDX format.

There are 2 things in SPDX the data and the XML format. So we provide the data but not under the XML format (note that we are able to provide it under XML since our tools are aligned and prepared for that).

Now if we were to exchange information with companies aligned on SPDX such as Blackduck, we will probably provide information under full SPDX format so we can automate things between our tools.

As I said XML is for tools, excel is for humans

Michel.Ruffin@Alcatel-Lucent.com, PhD
Software Coordination Manager, N&P IS/IT
Distinguished Member of Technical Staff
Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceaux
Route De Villejust, 91620 Nozay, France

-----Message d'origine-----
De : Georgia Kapitsaki [mailto:gkapi@cs.ucy.ac.cy]
Envoyé : vendredi 14 mars 2014 10:52
À : RUFFIN, MICHEL (MICHEL)
Objet : Re: List of companies that have adopted SPDX

Hi Michael,

thank you for the answer.

If possible, can you add this information in the relevant spdx wiki page?

http://wiki.spdx.org/view/Business_Team/Adoption

Also may I ask you if you provide also externally any SPDX files coming from real projects? I understand that company policies may not allow this, but it would be very interesting for us to have access to some real-world cases, since we are trying to evaluate a tool that checks the correctness of SPDX files.

I remain at your disposal for any information.

Thank you.

Best regards,
Georgia

--
Dr.-Ing. Georgia M. Kapitsaki
Lecturer
Dept. of Computer Science
tel: +357-22892692
University of Cyprus
www.cs.ucy.ac.cy/~gkapi/
http://www.cs.ucy.ac.cy/seit/


On 3/10/2014 4:47 PM, RUFFIN, MICHEL (MICHEL) wrote:
Well the status for Alcatel-Lucent is
1) we officially use the standard naming of FOSS license internally, but perhaps have not changed all our processes, documents and the knowhow of ALU people on this but our trainings, our FOSS internal DB are aligned. (And even me, I speak about BSD2 license or new BSD rather than BSD3-clause license)
2) our internal tools are able to exchange information under SPDX format (some still need to be aligned). Now people use more excel format than XML one when they discuss things 8-) So SPDX/XML is more for machines; Concerning our contracts with suppliers we are asking Excel format and mention SPDX format. It took years to convince them to provide us the list under something easy to treat by computers (Excel rather than ASCI files or url on their web site where we can find the information; We will go to the next step but smoothly

Michel
Michel.Ruffin@Alcatel-Lucent.com, PhD
Software Coordination Manager, N&P IS/IT
Distinguished Member of Technical Staff
Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceaux
Route De Villejust, 91620 Nozay, France


-----Message d'origine-----
De : spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org] De la part de Philip Odence
Envoyé : lundi 10 mars 2014 13:36
À : Georgia Kapitsaki; spdx@lists.spdx.org
Objet : Re: List of companies that have adopted SPDX

All, if you are willing to add you organization's name to the list of those using SPDX, please either add to the adoption wiki page http://wiki.spdx.org/view/Business_Team/Adoption or drop a note to Jack and Mikael.

Georgia,

Thanks for the inquiry. First let me tell you we don¹t have perfect knowledge. We have gotten to the point that there is enough information available on the Website that one can utilize the spec without having to be involved or ask questions and we know that there are many companies working with SPDX, but either consciously or unconsciously are not sharing that info.

That said, about 6 months ago we started a wiki page to capture what we know, at least about companies that were willing to have their activity known. http://wiki.spdx.org/view/Business_Team/Adoption We know that the info was not complete at the time and surely it has fallen behind a bit.

Best,
Phil


On 3/10/14, 7:57 AM, "Georgia Kapitsaki" <gkapi@cs.ucy.ac.cy> wrote:

Dear all,

is there a location for information on companies that have adopted SPDX.
I was not able have access to this information (if available) from the
specification website.

Thank you.

Best regards,
Georgia

--
Dr.-Ing. Georgia M. Kapitsaki
Lecturer
Dept. of Computer Science
tel: +357-22892692
University of Cyprus
www.cs.ucy.ac.cy/~gkapi/
http://www.cs.ucy.ac.cy/seit/


_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Re: SPDX "Online Validation Tools" and "Fossology+SPDX Tools"

Philip Odence
 

To keep the traffic down, we should move this discussion off of the general list. Thanks.

On Mar 10, 2014, at 7:12 PM, "Gary O'Neall" <gary@sourceauditor.com> wrote:

Hi Georgia,

The Online Validation Tools will likely be based on the SPDX libraries. The
source for these libraries can be found at
http://git.spdx.org/?p=spdx-tools.git;a=summary and the binary downloads can
be found at http://spdx.org/spdx-tools/tools-from-the-spdx-workgroup

The validation tools will be based on the SPDX specifications found at
http://spdx.org/SPDX-specifications/spdx-version-1.2.

Let me know if you have any additional questions.

Thanks,
Gary O'Neall



-----Original Message-----
From: spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org]
On Behalf Of Georgia Kapitsaki
Sent: Monday, March 10, 2014 4:45 AM
To: spdx@lists.spdx.org
Subject: SPDX "Online Validation Tools" and "Fossology+SPDX Tools"

Dear all,

as part of some research work we are performing between the University
of Cyprus (UCY) and the Otto-von-Guericke-Universität Magdeburg (OVGU)
we have some relevant activities to some projects indicated in:
http://www.linuxfoundation.org/collaborate/workgroups/gsoc/gsoc-2014-
spdx-projects

Specifically, we would like to contact:
- Gary O'Neall for the "Online Validation Tools"
- Matt Germonprez for the Fossology+SPDX Tools"

If there are any advancements in these projects, we would like to have
an answer on this in this post if possible.

Best regards,
Georgia

--
Dr.-Ing. Georgia M. Kapitsaki
Lecturer
Dept. of Computer Science
tel: +357-22892692
University of Cyprus
www.cs.ucy.ac.cy/~gkapi/
http://www.cs.ucy.ac.cy/seit/


_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx
_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Re: SPDX "Online Validation Tools" and "Fossology+SPDX Tools"

Gary O'Neall
 

Hi Georgia,

The Online Validation Tools will likely be based on the SPDX libraries. The
source for these libraries can be found at
http://git.spdx.org/?p=spdx-tools.git;a=summary and the binary downloads can
be found at http://spdx.org/spdx-tools/tools-from-the-spdx-workgroup

The validation tools will be based on the SPDX specifications found at
http://spdx.org/SPDX-specifications/spdx-version-1.2.

Let me know if you have any additional questions.

Thanks,
Gary O'Neall

-----Original Message-----
From: spdx-bounces@lists.spdx.org [mailto:spdx-bounces@lists.spdx.org]
On Behalf Of Georgia Kapitsaki
Sent: Monday, March 10, 2014 4:45 AM
To: spdx@lists.spdx.org
Subject: SPDX "Online Validation Tools" and "Fossology+SPDX Tools"

Dear all,

as part of some research work we are performing between the University
of Cyprus (UCY) and the Otto-von-Guericke-Universität Magdeburg (OVGU)
we have some relevant activities to some projects indicated in:
http://www.linuxfoundation.org/collaborate/workgroups/gsoc/gsoc-2014-
spdx-projects

Specifically, we would like to contact:
- Gary O'Neall for the "Online Validation Tools"
- Matt Germonprez for the Fossology+SPDX Tools"

If there are any advancements in these projects, we would like to have
an answer on this in this post if possible.

Best regards,
Georgia

--
Dr.-Ing. Georgia M. Kapitsaki
Lecturer
Dept. of Computer Science
tel: +357-22892692
University of Cyprus
www.cs.ucy.ac.cy/~gkapi/
http://www.cs.ucy.ac.cy/seit/


_______________________________________________
Spdx mailing list
Spdx@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx


Re: SPDX "Online Validation Tools" and "Fossology+SPDX Tools"

Matt Germonprez <germonprez@...>
 

Hi Georgia,

Thanks for your interest. Here at the University of Nebraska at Omaha we maintain the code related to FOSSology+SPDX. You can find a public instance of the project here: 

You can find the current source and installation here: 

We have several things that we are considering regarding FOSSology+SPDX right now including: 

1) Interface redesign. Right now, the interface assumes detailed knowledge of the SPDX 1.2 spec. We would like to design an interface that not only produces valid SPDX documents but also educates a user about the current spec. 

2) Post-production of SPDX documents loaded to a central SPDX repository. Currently, SPDX documents are downloaded to the user on a one-by-one basis. The SPDX repository would serve as a central DB by which SPDX documents could then be explored, modified, signed-off, or assigned to products. 

3) Accommodation for the SPDX 2.0 Specification 

We are very open to new improvements or ideas and welcome your input. Please let me know if you have any additional questions. 

Regards,
Matt Germonprez 


On Mon, Mar 10, 2014 at 6:45 AM, Georgia Kapitsaki <gkapi@...> wrote:
Dear all,

as part of some research work we are performing between the University of Cyprus (UCY) and the Otto-von-Guericke-Universität Magdeburg (OVGU) we have some relevant activities to some projects indicated in:
http://www.linuxfoundation.org/collaborate/workgroups/gsoc/gsoc-2014-spdx-projects

Specifically, we would like to contact:
- Gary O'Neall for the "Online Validation Tools"
- Matt Germonprez for the Fossology+SPDX Tools"

If there are any advancements in these projects, we would like to have an answer on this in this post if possible.

Best regards,
Georgia

--
Dr.-Ing. Georgia M. Kapitsaki
Lecturer
Dept. of Computer Science
tel: +357-22892692
University of Cyprus
www.cs.ucy.ac.cy/~gkapi/
http://www.cs.ucy.ac.cy/seit/


_______________________________________________
Spdx mailing list
Spdx@...
https://lists.spdx.org/mailman/listinfo/spdx



--
Mutual of Omaha Associate Professor of Information Systems
University of Nebraska at Omaha
Vita
Open Communities Lab

621 - 640 of 1520