Hi Bradley, There are no licensing requirements for tools themselves to participate in the bake-off, the only requirement is that they are able to produce (and ideally consume) valid SPDX files. We're

Yes. We've got Thurs(16th)11:15am-5pm reserved for SPDX. More next week.... :-) Kate

Great work Thomas! Thank you very much for your efforts to get our current (and future) specifications into a more community friendly format! :-) Kate

Just spotted a very nice reference to SPDX in Dirk Riehle's paper, and thought those on the list might find the paper interesting as well. http://dirkriehle.com/publications/2017-2/license-clearance-i

Hi, Just thought some of you might be interested in some recent announcements with SPDX showing up in them. FSFE just launched a new site today recommending use of SPDX license identifiers in the sour

Hi Neal, We agree, some tooling is needed to generate the signing of the files that is needed in an SPDX document for an accurate manifest. Both FOSSology and ScanCode are open source projects that sc

Hi Jonas Prior to 2.0, the expectation was that there would only be a single package with a set of files in each SPDX document. When we introduced relationships/identifiers, in 2.0, we were able to ex

Hi Phil, Couple of comments on the Prague section, added them inline, but that's probably not clear - so can you substitute the following in the minutes? Prague SPDX Open Source Tools Session MarkG de

Hi, We were able to get the SPDXTeam Uberconference updated last Thursday to remove the limit on number of people attending the call. Yay!!! However, as a result of this, we had to change the dial in

Some of you have already noticed that this started in 2016 but as of 4.14, we had a major breakthrough and cleanup of all the files without a license reference all had SDPX identifiers added to them.

And in addition to Linux getting serious in terms of adding SPDX identifiers, we also have FreeBSD applying them to their code base. Kate ---------- Forwarded message ---------- From: Pedro Giffuni <p

Hi, Just heard from LF IT that our SPDX site & wiki will be rebooting this weekend, as the apply the Meltdown/Spectre remediation. It should just be down for 5 minutes early this weekend, so this is m

Hi John, Thanks for reaching out! I think this discussion is best handled with the tech team so switching mailing lists, and moving general to bcc. :-) Some of the information you're proposing in SEvA

Hi Varshak, Welcome! Glad you're interested in participating in our community. I am copying the spdx-tech mail list where we discuss the GSoC efforts. Ideas we've come up with so far are listed on: ht

#spdx

There's also BANG! (Binary Analysis Next Generation) that is in beta now. see: https://github.com/armijnhemel/binaryanalysis-ng Kate

Hi Dan, Am not sure what you're using for a build infrastructure, but there are some solutions emerging in Yocto that may be relevant, as well as the other projects that Philippe outlines. I checked w

Hi Phil, I've gone in and updated the tech section to put links into some of the items we discussed and added details of Asia SPDX tech call. Please let me know if you want me to revert. Tech Team Rep

In 2017 the project decided to move the specification from google documents to github and a repository was set up at: https://github.com/spdx/spdx-spec Before we could move forward though, we needed t

Hi Phil, all Quick update, we will have a guest speaker this week. Matthew Crawford will be discussing "Arm’s SPDX compliance file" Thanks, Kate

Hi Mark, Thanks for the generous offer. :-) We're not paying for zoom, however I'm definitely up for doing an experiment during our spdx-tech meeting tomorrow, and if it works for the regular attendee