SPDX July General Meeting Minutes

Philip Odence

Thanks to Anna for sharing he GSOC work.




General Meeting/Minutes/2017-07-06

General Meeting‎ | Minutes

  • Attendance: 12
  • Lead by Phil Odence
  • Minutes of June meeting approved 




Guest Presentation - Anna Buhman[edit]

  • Goals: Integrate GitHub with SPDX
    • Auto Generation
    • And kept up to date
    • Therefore easier to use
  • Uses
    • Repo admin sets up
    • Or non admin or someone outside could generate as well
    • Perhaps on a portion of the code
  • How it works
    • Scans using an open source scanner with every change
    • Creates doc and a pull request for updated doc which human must approve
      • anticipates needing some human modifications
    • Above is working today
  • Future modifications
    • Rather than replacing, combing with old version to retain human mods
    • Email notification of new docs
    • User-selectable license scanner
  • Project comments
    • Learning lots about different kinds of software
      • Example, learning about controlling GitHub with Python code
    • SPDX seemed very complicated at first
    • But understanding licensing she understands the requirements
    • Work so far is on GitHub in the SPDX area; Wiki too
  • Questions:
    • How to keep from overwriting human modifications?
      • Compare section by section and default to original giving a human the choice
    • When will a demo be available?
      • Maybe on a future call


Tech Team Report - Kate/Gary[edit]

  • Spec source is now on GitHub, versioned, etc,
    • Big thanks to Thomas Steenbergen
    • Working out permissions/process modifications
    • Looking at how to link to from spdx.org
  • Have been working through the topics for the next rev
  • Tooling
    • Summer of Code students have been giving updates
      • Gitter account set up wth lots of good conversations
      • Great progress overall


Legal Team Report - Jilayne/Paul[edit]

  • Good last few calls
  • XML Format
    • Gary set up a we to view previews
    • Down to last few files
  • Discussion about Linus’ note about GPL
    • Linus tried to clarify what it applied to our not
      • explicit about user space not subject to being a derivative work
    • Not calling it a license exception, per se, but will likely be treated as we treat exceptions
    • Not a clear way to represent; working on that now
    • There had been two versions, but that was cleaned up
  • Some chatter on mailing list about how we identify “only” as in GPL 2.0 Only
    • Problem: We are explicit about “or later” but not about “only”
    • Working with FSF who would prefer: GPL-2.0-Only
    • Considering modifications to the expression language


Outreach Team Report - Jack[edit]

  • Michael working on umbrella project page for Git
    • Idea is to be an SPDX home for developers
  • Working on a write up of goals for tools etc. 
    • Kate working on it.



  • Phil Odence, Black Duck
  • Kate Stewart, Linux Foundation
  • Jack Manbeck, TI
  • Gary O’Neall, SourceAuditor
  • Anna Buhman, UNO
  • Paul Madick, Dimension Data
  • Michael Herzog- nexB
  • Thomas Steenbergen, HERE
  • Bradlee Edmondson, Harvard
  • Jilayne Lovejoy, ARM
  • Robin Gandhi, UNO
  • Georg Link, UNO