All, The SPDX Core Team has been working on a long overdue update to some of the web content that describes the spec and the project. Below is what we’ve come up with. We think it’s good to go, but at the Thurs General Meeting will see if anyone has concerns that would merit scheduling a meeting to discuss in more detail. Thanks, Phil
----- Short summary for top of main page, https://spdx.dev/<https://urldefense.com/v3/__https:/spdx.dev/__;!!A4F2R9G_pg!NbuVXQYKBp980XTIPTUj4M9JxfjV7rLsA-JvLfRg-i0KjcHSDyKWEZkph6RBG4RD$> and anywhere else a short summary is needed/used ------ SPDX is an open standard for communicating software bill of material information, including provenance, license, security, and other related information. SPDX reduces redundant work by providing common formats for organizations and communities to share important data, thereby streamlining and improving compliance, security, and dependability. ------------ FOR NEW ABOUT PAGE ---------------------------- Our Vision The vision of SPDX is to reduce redundant work by providing common formats for organizations and communities to share important data, thereby streamlining and improving compliance, security, and dependability. Our Mission The mission of SPDX is to develop and promote open standards for communicating software bill of material information, including provenance, license, security, and other related information. About SPDX is an open source project hosted by the Linux Foundation. The grass-roots effort includes representatives from a diverse set of organizations—software, systems and tool vendors, foundations and systems integrators. Work is done by two sub-groups: the tech team and the legal team. There is also a monthly general call which provides an overview of progress on the entire project. For more information about getting involved, see the Participate page. The SPDX project is composed of: * The SPDX Specification itself * the SPDX License List (including exceptions, matching guidelines, license IDs, and license expression syntax) * SPDX tools and libraries for working with the SPDX documents and SPDX License List Guiding principles * SPDX represents data in formats that are both machine- and human-readable. * SPDX focuses on collecting and communicating facts; and provides a framework to make assertions about those facts. * SPDX makes no legal interpretations (of licenses or license compliance). * SPDX facilitates the efficient exchange of metadata in the supply chain. Governance Model The SPDX Governance model is documented here. ------------END FOR NEW ABOUT PAGE ---------------------------- -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1354): https://lists.spdx.org/g/spdx/message/1354 Mute This Topic: https://lists.spdx.org/mt/77204468/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
