It’s September! Apologies for the late reminder. I just never hit send yesterday.
Note that the minutes from August meeting are at the bottome of this email.
This month, there will be no special presentation per se, however the Steering Committee update will be extended and will include Jilayne presenting a new process to facilitate expedient decision making around
new ideas that have cross team impact or would represent a big change for the overall project.
Phil
GENERAL MEETING
Meeting Time: Thurs, Sept 1,
8am PT / 10 am CT / 11am ET / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html
Conf call dial-in:
Join the meeting:
https://meet.jit.si/SPDXGeneralMeeting
To join by phone instead, tap this: +1.512.647.1431,,1310118349#
Looking for a different dial-in number?
See meeting dial-in numbers: https://meet.jit.si/static/dialInInfo.html?room=SPDXGeneralMeeting
If also dialing-in through a room phone, join without connecting to audio: https://meet.jit.si/SPDXGeneralMeeting#config.startSilent=true
Etherpad for minutes:
https://spdx.swinslow.net/p/spdx-general-minutes
Administrative Agenda
Attendance
Minutes Approval: At the bottom of this email
Steering Committee Update - Phil
Technical Team Report – Kate/Gary/Others
-
Specification and Profiles
-
Overview
-
Core
-
Legal
-
Integrity
-
Defects
-
Usage and Other Emerging
-
Tooling
Legal Team Report – Jilayne/Paul/Steve
Outreach/Website Team Report – Jack/Sebastian/Alexios
SPDX General Meeting Minutes - Aug 4, 2022
Administrative
Attendance: 29
-
Lead by Phil Odence, Steve Winslow
-
Minutes from last meeting approved
Special Presentation, Matthew Crawford
-
A new era for SPDX at Arm, are we ready for change? - A New Era for SPDX at Arm: Are we ready for change? (recording available, insert link later)
-
Thanks to Jilayne, Sami Atabani and SPDX team
-
Old system (ulimately non-std BoM format)
-
Towards generating SPDX
-
New tooling "hot off the press"
Tech Team Report - Gary/Kate/WilliamB
Spec
-
SPDX 2.3 release window - 6 days left. If see any issues, raise in Github, or on tech team email list
-
RC1 window - no roadblocks raised yet.
-
Schema available and tool creators requested to experiment and raise issues.
-
Joshua - CVE reporting added, not clear how to use it. Gary: using external references to refer to CVEs, as well as other security types. Any way to indicate a specific CVE has been fixed? VEX
document may be an option. Recommed going to defects working group.
-
Java tools have been implemented, will be publised after 2.3 release is out.
-
GSoC checkpoint - Alexios
-
just passed half-time mark, steady progress on both projects.
-
SPDX 3.0 Model
-
Good progress on identities, updated in repo. seee: SPDX v3 model diagram https://github.com/spdx/spdx-3-model/blob/main/model.png
-
AI BOM profile - discussed into 2 parts - AI App/Model & Data sets
-
Build Profile - making steady process
-
Defects - looking at what should be in 3.0 now, use-cases welcome
-
Usage -
Legal Team Report - Jilayne/Paul/Steve
Outreach Team Report - Sebastian / Jack / Alexios
-
GSoC - mentioned above
-
general activity, making improvements to outreach team Landscape with Wipro volunteer assistance (thanks Vicky and others!)
-
logos for SPDX's own tools - seeking folks with graphic design talents
-
can explore with LF marketing (Steve will help with LF interaction)
-
noted at OpenSSF - using AI image generators
-
Meeting time is changing to shorter weekly 30 minute meetings.
Attendees
-
Phil Odence, Synopsys/Black Duck Audits
-
Matthew Crawford (Arm)
-
Kate Stewart
-
Gary O'Neall
-
Jilayne Lovejoy (Red Hat)
-
Jari Koivisto
-
Sebastian Crane
-
Alexios Zavras
-
Steve Winslow
-
Ray Lutz (Citizensoversight.org)
-
Akbar (Arm)
-
Alex Rybak (Revenera)
-
Alfredo Espinosa
-
Andrew Jorgenson
-
Brad Goldring (GTC Law Group)
-
Bryan Cowan
-
Christopher Lusk
-
David Edelsohn
-
Jeff H.
-
Karsten Klein
-
Molly Menoni
-
Rich Steenwyk
-
Shailja Kumari
-
Joshua Watt
-
Ria Schalnat
-
Stephen Reeves
-
Janet
-
VM Brasseur
-
Jeff Schutt
