January SPDX General Meeting Minutes

Philip Odence





General Meeting/Minutes/2017-01-05

< General Meeting‎ | Minutes

Jump to: navigation, search

  • Attendance: 14
  • Lead by Phil Odence
  • Minutes of Dec meeting approved


Contents [hide] 

  • 1 Special Presentation- Georgia (Zeta) Kapitsaki
  • 2 Cross Functional Topics - Phil
  • 3 Tech Team Report - Kate/Gary
  • 4 Legal Team Report - Jilayne/Paul
  • 5 Outreach Team Report - Jack
  • 6 Attendees

Special Presentation- Georgia (Zeta) Kapitsaki[edit]

  • Goals of work
    • Automate license specification and selection
    • Helping smaller companies and independent developers
    • Helping with combining licenses
      • Created a graph of compatibility for this purpose
      • Based on analysis by computer scientists (not reviewed by lawyers
  • Selected SPDX because it was the only standard way to represent
  • Analysis
    • Use RDF version of SPDX
    • Parse and find the different licenses
    • Based on compability graph to determine whether the license combinations are OK
    • Can analyze multiple docs to determine compatibility as well
  • Implementation
    • Based tools on SPDX community tools; implemented Java
    • Started with v1.1; needs upgrading
    • Had a problem with finding real files and so used on line FOSSology tools to create
  • Process
    • Uses graph, but graph could be used manually independent of SPDX
    • Find compatible/incompatible licenses
    • Determines problems and flags compatibility problems
  • Available on GitHub
  • Question
    • Are you looking at type of file when analyzing compatibility? Make files for example
      • No they analyze all licenses
      • Would be a direction for the future
      • Might also us dependency information
    • How did you determine which files were compatible and incompatible
      • Did their own analysis
      • Perhaps allow configuration of compatibility


Cross Functional Topics - Phil[edit]

    • Roll out github-maintainable XML license templates
    • Define an approach to creating notice files from an SPDX doc
    • Develop a web-based license match tool
    • Implement tool to score a project’s licensing quality
    • Gain Apache/Eclipse Foundation adoption
    • Sponsor a Google Summer of Code Project
    • Conduct a supply chain management survey
    • Build “whole product” around the spec—what is required for adoption
    • Deploy existing SPDX group tools on web
    • Develop a git plug-in to generate an SPDX doc


Tech Team Report - Kate/Gary[edit]

  • Spec
    • Focus has been on support for implementations
      • Best practice
      • Tools
        • Pseudo code for notices generation
  • Moving git repo from LF over to GitHub at end of January

Legal Team Report - Jilayne/Paul[edit]

  • License list release
    • No Q4 license list release
    • Next one in next few days
  • Transition to Github list will be around end of January

Outreach Team Report - Jack[edit]

  • No meeting yet this year
  • Look at Leadership Conference
  • Approach to Summer of Code
  • Create survey
  • Working on supporting docs




  • Phil Odence, Black Duck
  • Kate Stewart, Linux Foundation
  • Jilayne Lovejoy, ARM
  • Paul Madick, Dimension Data
  • Gary O’Neill, SourceAuditor
  • Georg Link, UNL
  • Mark Gisi, Wind River
  • Jack Manbeck, TI
  • Alexios Zavras, Intel
  • Matt Germonprez, UNO
  • Robin Gandhi, UNO
  • Dave Marr, Qualcomm
  • Sayonnha Mandal, UNO
  • Georgia Kapitsaki, U of Cyprus
  • NewPP limit report CPU time usage: 0.009 seconds Real time usage: 0.010 seconds Preprocessor visited node count: 23/1000000 Preprocessor generated node count: 28/1000000 Post‐expand include size: 0/2097152 bytes Template argument size: 0/2097152 bytes Highest expansion depth: 2/40 Expensive parser function count: 0/100 Saved in parser cache with key spdx_mwiki:pcache:idhash:1072-0!*!*!!en!*!* and timestamp 20170105165343 and revision id 4072