Our talk for this session with be from Gary O’Neall and Steve Winslow:

SPDX: Bridging the Compliance Tool Gap

Any organization which utilizes open source software needs to comply with the open source license terms and the specific security policies of their industry.  To satisfy the basic requirement of knowing the specific open source packages included in the software, several tools have been produced which create or manage a software “Bill of Materials”.  The Software Package Data Exchange (SPDX) defines a standard format for a Bill of Materials which can facilitate harmonious integration of multiple tools.

This is a reprise of a very well-received talk they gave at the LF Open Source Leadership Summit earlier this month. If you have colleagues, friends or partners that would like to learn SPDX, this would be great 30 minute intro. Please invite them.

GENERAL MEETING

Meeting Time: Thurs, April 4, 8am PST / 10 am CST / 11am EST / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:

New dial in number: 415-881-1586

No PIN needed

The weblink for screenshare will stay the same at: 
http://uberconference.com/SPDXTeam

Administrative Agenda

Attendance

Minutes Approval: https://wiki.spdx.org/view/General_Meeting/Minutes/2019-03-07  

Special Presentation – Gary/Steve

Technical Team Report – Kate/Gary

Legal Team Report – Jilayne/Paul

Outreach Team Report – Jack

Any Cross Functional Issues –All