Oct SPDX General Meeting Minutes

Philip Odence

Here you go:




L. Philip Odence
VP/General Manager Black Duck On-Demand
Black Duck Software, Inc.
800 District Avenue, Suite 201
Burlington, MA 01803-5061
E: podence@...
O: +1.781.425.4479
M: +1.781.258.9502
Skype: philip.odence






General Meeting/Minutes/2017-10-05

General Meeting‎ | Minutes

  • Attendance: 11
  • Lead by Phil Odence
  • Minutes of Sept meeting approved 




Guest Presentation - Alexander Lisianoi[edit]

  • Background
    • Working on masters in Technical University of Vienna
  • Project
    • Turning Python Code into Javascript
      • Pooling PY and License expression
      • Libraries that are self contained
      • Initially looked easy
    • Results
      • It works!
    • How it went
      • Long list of tools available, so choosing a tool is the first step
        • Brython, Batavia, Transcript
        • Brython can read in pure Python
        • Bytavia uses Python byte code
        • Transcript actually translates to javacode, so he picked that one
          • Downside is that it doesn’t handle every Python capability
      • Encountered a lot of bizarre results
        • And complained a fair amount
        • Tricky to know what goes wrong; have to debug both in parallel
        • Errors can be subtle
        • How things are compared differs between languages
    • The resulting tool
      • You can parse, but it can be broken
    • Value of the work
      • Javascript is very commonly used for front ends these days
      • You don’t want to have to support two technologies for front and back end
      • This allows leveraging the backend scripts for building front end
      • Valuable to tool developers using JS and to development communities
      • As a side-effect of the work, we Alexander helped 

Tech Team Report - Kate/Gary[edit]

  • Spec
    • All on GItHub now
  • Last few meetings have been focused on
    • FSF proposal
      • Supporting legal team on expanding license expression language
    • Testing work from Jack
      • Tool testing cases
        • Scanners for locating license language
        • License language matchers (using matching guidelines)
      • Also testing license list generator
        • Which requires test cases as well
      • Looking at creating a repo for all test cases
        • Two tool types 
        • License list gen
      • Will be community based so folks can contribute cases
  • Preview
    • Looks like there will be a new tool contribution from an LF member
    • A tool to create a summary 
      • Input SPDX tag value; output easy to read/intrerpret format
  • LinuxCon Europe
    • There will be a meeting for those creating tools
    • New testing work with be on the agenda


Legal Team Report - Jilayne/Paul[edit]

  • FSF Proposal 
    • For how the GPL version is represented
    • Questions about new operators, default
    • Generated a large meeting with tech folks
      • Lively discussion
      • Did not reach resolution
    • FSF has come back with another proposal
      • Technical challenges
      • Difference of opinion, particularly for case where
      • Part of the issue is that FSF is focused on just the identifiers vs. how we use with SPDX
        • License does not specify “or later” or “only”
        • How do we represent without representing legal judgment
        • Fundamentally there are different opinions on what it means when there is no specification
        • Very important to FSF (including Richard Stallman)

Outreach Team Report - Jack[edit]

  • Mostly license test file work as described above



  • Phil Odence, Black Duck
  • Kate Stewart, Linux Foundation
  • Alexander Lisianoi, Technical University of Vienna
  • Matthew Crawford, ARM
  • Matija Suklje, FSFE
  • Steve Winslow, Linux Foundation
  • Mike Dolan, Linux Foundation
  • Jack Manbeck, TI
  • Michael Herzog- nexB
  • Gary O’Neall, SourceAuditor
  • Paul Madick, Dimension Data