SPDX Sept General Meeting Minutes & Announcement
|
Phil Odence
SPDX Community,
Minutes: https://wiki.spdx.org/view/General_Meeting/Minutes/2021-09-02
As you are aware, in last week’s meeting we discussed a proposal to change the SPDX workgroup’s governance framework. The discussion was a good one and resulted in consensus. As things were rushed a bit at the end of the meeting and wanting to ensure no one was uncomfortable, we left the door open for concerns to be voiced “within a day or so” on this list. Subsequently there was a brief exchange on the list in support of the proposal as presented. And so, from this point forward, the SPDX is operating under the new framework.
For anyone who may have missed, a summary is attached. Additionally, here are links to the website that now specifies the newly adopted framework and a link directly to the repo that contains the details of the governance framework: · website: https://spdx.dev/about/governance/ · GitHub repo: https://github.com/spdx/governance/
Thanks to all who participated in the smooth transition to the new framework.
Best regards, Phil Chair, SPDX Steering Committee
L. Philip Odence General Manager, Black Duck Audit Business Synopsys Software Integrity Group, Burlington, MA M (781) 258-9502 | phil.odence@... https://www.synopsys.com/audits
General Meeting/Minutes/2021-09-02< General Meeting | Minutes · Attendance: 26 · Lead by Phil Odence · GSoC Presentation was postponed SPDX Governance - Phil[edit]· Intro -Phil · · GOAL of today: Consensus · · Background · About 8 years ago, we put in place a governance structure for SPDX. · Factors · ISO standardization- near to announcing · Executive Order · More participation from comm members with standards body experience · Working with other standards, i.e. SWID and CycloneDX · · Goal of Change - retain spirit and ways of working · more accurately reflect the current reality and future direction of the project · establishing a mechanism for official company membership in the project · using contribution processes and a license for the spec that ensure explicit patent license commitments from contributors · improving clarity around decision-making processes and establishing an appeals process · adopting a code of conduct · · Solution - Steve to explain further · Legal Entity creation- switched from JDF to a much simpler · Retained Community Specification model · Review of pdf Summary - Steave · Legal Entity · Membership Agreement · Community Specs process and license · Q&A/Discussion · Various clarifications · Code of Conduct · Agreed that under new structure it could, if need be, be modified in the future · Possibility of Dual-licensing Spec · Agreed to not address at this time · Resolution · Consensus reached · ...unless significant concerns were raised on the General Mailing List within a day of so of the meeting's close Attendees[edit]· Phil Odence, Black Duck/Synopsys · Sebastian Crane · Joshua Marpet, RM-ISAO · Mike Nemmers · William Cox, Synopsys · Andrew Jorgenson, AWS · Bob Martin, Mitre · Philippe Emmanuel Douziech, CAST · Alexios Zavras, Intel · Marc Etienne Vargenau, Nokia · Jilayne Lovejoy, Red Hat · Steve Winslow, LF · Mike Dolan, LF · Mark Atwood, Amazon · Gary O’Neall, SourceAuditor · Paul Madick, Jenzabar · Jeff Schutt, Cisco · Vicky Brasseur, Wipro · Warner Losh, FreeBSD · Zach Hill, Anchore · Pierre Tardy · David Edelsohn, IBM · Maximilian Huber, TNG · Bill Jaeger · Michael Mehlberg, Dark Sky Technology · Henk Birkholz, Fraunhofe
|
|
|
|
VM (Vicky) Brasseur
Thanks, Phil.
Will there be a press release of some sort? And at what point will the project be ready to start accepting member companies?
Asking for a friend…
--V
-- VM (Vicky) Brasseur Director, Senior Strategy Advisor Open Source Program Office Wipro Limited Time Zone: Pacific/West Coast US
From:
<spdx@...> on behalf of "Phil Odence via lists.spdx.org" <phil.odence=synopsys.com@...>
CAUTION:This email is received from an external domain. Open the hyperlink(s) & attachment(s) with caution.
SPDX Community,
Minutes: https://wiki.spdx.org/view/General_Meeting/Minutes/2021-09-02
As you are aware, in last week’s meeting we discussed a proposal to change the SPDX workgroup’s governance framework. The discussion was a good one and resulted in consensus. As things were rushed a bit at the end of the meeting and wanting to ensure no one was uncomfortable, we left the door open for concerns to be voiced “within a day or so” on this list. Subsequently there was a brief exchange on the list in support of the proposal as presented. And so, from this point forward, the SPDX is operating under the new framework.
For anyone who may have missed, a summary is attached. Additionally, here are links to the website that now specifies the newly adopted framework and a link directly to the repo that contains the details of the governance framework: · website: https://spdx.dev/about/governance/ · GitHub repo: https://github.com/spdx/governance/
Thanks to all who participated in the smooth transition to the new framework.
Best regards, Phil Chair, SPDX Steering Committee
L. Philip Odence General Manager, Black Duck Audit Business Synopsys Software Integrity Group, Burlington, MA M (781) 258-9502 | phil.odence@... https://www.synopsys.com/audits
General Meeting/Minutes/2021-09-02< General Meeting | Minutes · Attendance: 26 · Lead by Phil Odence · GSoC Presentation was postponed SPDX Governance - Phil[edit]· Intro -Phil · · GOAL of today: Consensus · · Background · About 8 years ago, we put in place a governance structure for SPDX. · Factors · ISO standardization- near to announcing · Executive Order · More participation from comm members with standards body experience · Working with other standards, i.e. SWID and CycloneDX · · Goal of Change - retain spirit and ways of working · more accurately reflect the current reality and future direction of the project · establishing a mechanism for official company membership in the project · using contribution processes and a license for the spec that ensure explicit patent license commitments from contributors · improving clarity around decision-making processes and establishing an appeals process · adopting a code of conduct · · Solution - Steve to explain further · Legal Entity creation- switched from JDF to a much simpler · Retained Community Specification model · Review of pdf Summary - Steave · Legal Entity · Membership Agreement · Community Specs process and license · Q&A/Discussion · Various clarifications · Code of Conduct · Agreed that under new structure it could, if need be, be modified in the future · Possibility of Dual-licensing Spec · Agreed to not address at this time · Resolution · Consensus reached · ...unless significant concerns were raised on the General Mailing List within a day of so of the meeting's close Attendees[edit]· Phil Odence, Black Duck/Synopsys · Sebastian Crane · Joshua Marpet, RM-ISAO · Mike Nemmers · William Cox, Synopsys · Andrew Jorgenson, AWS · Bob Martin, Mitre · Philippe Emmanuel Douziech, CAST · Alexios Zavras, Intel · Marc Etienne Vargenau, Nokia · Jilayne Lovejoy, Red Hat · Steve Winslow, LF · Mike Dolan, LF · Mark Atwood, Amazon · Gary O’Neall, SourceAuditor · Paul Madick, Jenzabar · Jeff Schutt, Cisco · Vicky Brasseur, Wipro · Warner Losh, FreeBSD · Zach Hill, Anchore · Pierre Tardy · David Edelsohn, IBM · Maximilian Huber, TNG · Bill Jaeger · Michael Mehlberg, Dark Sky Technology · Henk Birkholz, Fraunhofe
|
|
|
