SPDX Nov General Meeting Minutes

Phil Odence



General Meeting/Minutes/2018-11-01

< General Meeting‎ | Minutes

·         Attendance: 6

·         Lead by Phil Odence

·         Minutes of Oct meeting approved 




·         1 Tech Team Report - Kate/Gary

·         2 Legal Team Report - Jilayne

·         3 Outreach Team Report - All

·         4 Attendees

Tech Team Report - Kate/Gary[edit]

·         Spec

·         Ceva discussions

·         Looking at fields that we might incorporate

·         Security

·         Evidence

·         Idea is to bring in as a separate section

·         Good Progress

·         Some discussions with NTIA Group as well

·         SWID

·         May start using the security mailing list soon

·         Tooling

·         Multiple formats

·         Challenges solves

·         XML, JSON, YAML, Tag value, RDF

·         Attention back to updating tooling with spec

·         Some concern about file sizes with certain packages/formats

·         May simply be an issue of LOTS of files

·         Generating License List 

·         Didn’t work perfectly

·         Giving another run

·         Updating tooling for license submittal/editing

·         A few bugs need to be worked around


Legal Team Report - Jilayne[edit]

·         There’s a fair backlog of issues to work through

·         Ongoing process

·         3.1 Is out

·         Started new practice of release notes

·         Tooling and new request system has to be nailed down

·         People are going through multiple paths/processes

·         Need to standardize

·         Tooling is close

·         Need a few more text fields

·         All submissions seem to come from Gary

·         License inclusion guidelines

·         Inbound request regarding open hardware languages

·         Already included open data license

·         May need to revisit inclusion guidelines

·         OSI discussion about naming issues with SPDX

·         Need to find opportunity for better collaboration 


Outreach Team Report - All[edit]

·         Seems to be a lot more use of SPDX in the wild than we are aware of

·         How do we run down and catalog?

·         Wonder if it’s time for another poll

·         Last poll results: https://spdx.org/sites/cpstandard/files/pages/files/spdx_survey_results_may_2013.zip



·         Phil Odence, Black Duck/Synopsys

·         Kate Stewart, Linux Foundation

·         Gary O’Neall, SourceAuditor

·         Andrew Katz, Orcro

·         Jilayne Lovejoy

·         Steve Winslow, LF