Thanks again, to Oliver. http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05
General Meeting/Minutes/2015-11-05 < General Meeting<http://wiki.spdx.org/view/General_Meeting> | Minutes<http://wiki.spdx.org/view/General_Meeting/Minutes> <http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#mw-navigation><http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#p-search> * Attendance: 12 * Lead by Phil Odence * Minutes of Oct meeting approved/ Contents [hide<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#>] * 1 Siemens - Oliver Fendt<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#Siemens_-_Oliver_Fendt> * 2 Tech Team Report - Kate/Gary<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#Tech_Team_Report_-_Kate.2FGary> * 3 Legal Team Report - Jilayne<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#Legal_Team_Report_-_Jilayne> * 4 Biz Team Report - Jack<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#Biz_Team_Report_-_Jack> * 5 Cross Functional Topics - Phil<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#Cross_Functional_Topics_-_Phil> * 6 Attendees<http://wiki.spdx.org/view/General_Meeting/Minutes/2015-11-05#Attendees> Siemens - Oliver Fendt[edit<http://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2015-11-05&action=edit§ion=1>] * Open Source Group * Deals with compliance issues * Made up of members from all parts of the company * Has been going for 2.5 years * Recognized SPDX early in their existence * Took a close look * First interest was in the license list * Requested some license for list; some successful, some not * Participated in discussion about how to handle license exceptions * SPDX 2.0 was coming on line * Voted internally to adopt SPDX * And to start requiring SPDX docs from their suppliers * Got involved with FOSSology * Implemented initial SPDX 2.0 in FOSSology * Just RDF, not yet Tag Value * Became aware of process of development of standard * * Concerned about the direction, specifically snippet discussion * Concerns that it contradicts vision/mission * Minimizing costs across the supply chain * Concerned that granularity of snippets and that it’s hard to say, unless you are the developer * So, worries about usability * And that it adds interpretation, for example, Black Duck Protex requires the human to interpret * Also, since there is no open source tool that does snippets, adoption may be limited * Would be interested in adding other sorts of information like ECC info * They are currently using the latest/greatest FOSSology and encouraging suppliers to do same * Starting to see projects using SPDX short IDs in files * Suppliers normally don’t deliver source code; Siemens requires that they assert that the comply w/copyrights * So they typically don’t scan source. * They use FOSSo * And they encourage SPDX to supply the info Tech Team Report - Kate/Gary[edit<http://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2015-11-05&action=edit§ion=2>] * Busy refining external identifiers proposal * Aim was a single field * Thought is to break into multiple fields, source of identifier and the domain * Wrestling with the difference between security IDs (NVD/CPE) and repos (e.g. Debian) * Also, recently revisited snippets proposal * Now is a good time to weigh in. * Tools * Active; Sebastian Schubert has been a big contributor recently * Mostly fixes * 2.1 will add some work * UNO repos also very active Legal Team Report - Jilayne[edit<http://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2015-11-05&action=edit§ion=3>] * Cross functional work with tech team on templates and matching * recent joint call, apologies for 10 person limit on call; will address * Looking to change maintenance process * Lots of good discussion about implementing matching guidelines * plan is for another joint call in early December Biz Team Report - Jack[edit<http://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2015-11-05&action=edit§ion=4>] * Working with LF on a new look feel for website * In parallel, changing some of the navigation. * Looks like it’s been delayed, so probably 2-3 weeks before rollout * Some progress already; looking good so far * In process of changing name of team to Outreach Team * Will roll out with new website * Eclipse Foundation * Might be interesting group to speak with about SPDX Cross Functional Topics - Phil[edit<http://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2015-11-05&action=edit§ion=5>] * See Jack’s brief blog on SPDX.org pointing must read blog by Eric Raymond on SPDX Attendees[edit<http://wiki.spdx.org/index.php?title=General_Meeting/Minutes/2015-11-05&action=edit§ion=6>] * Phil Odence, Black Duck * Oliver Fendt, Siemens * Tarek Jomaa. ARM * Gary O’Neill, SourceAuditor * Jilayne Lovejoy, ARM * Jack Manbeck, TI * Richard Christie, ARM * Pierre LaPointe, nexB * Sami Atabani, ARM * Kate Stewart, Linux Foundation * Michael Herzog- nexB * Scott Sterling, Palamida
_______________________________________________ Spdx mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx
