Hello SPDX legal team list, As a heads-up, you may have seen that the initial pre-release of SPDX 3.0 (3.0-rc1) was tagged yesterday: https://github.com/spdx/spdx-3-model/releases/tag/3.0-rc1
This initial pre-release is focused on defining the “model” of data for SPDX 3.0, for a variety of “profiles” <https://github.com/spdx/spdx-3-model/tree/main/model> representing different use cases for metadata in software bills of materials. For folks who aren’t familiar with it, the files in the spdx-3-model repo <https://github.com/spdx/spdx-3-model/> represent the “upstream sources” for the SPDX 3.0 data model. This is sort of similar to the XML files in license-list-XML <https://github.com/spdx/license-list-XML>: it is the “source” version of the spec, but not in the format that many end users would typically reference. Because of this, it is probably harder to read for those who haven’t been familiar with the details of how it is being developed. I am assuming that a more human-readable, rendered version of the spec will become available as well for future pre-releases. As a pre-release, this -rc1 is meant to be an initial version particularly for tooling developers to begin testing out implementation of the draft standard and identifying issues for further rework before the full 3.0 release. While the release generally covers the new Licensing Profile structure that was originally discussed in 2020/2021, I am sure there will be further changes and opportunities for input before the final release. For anyone who wants to explore the current draft definitions of the initial classes and properties for the Licensing Profile, here are a few links that would be useful: Classes: https://github.com/spdx/spdx-3-model/tree/main/model/Licensing/Classes Properties for licenses: https://github.com/spdx/spdx-3-model/tree/main/model/Licensing/Properties Properties for Software Artifacts: https://github.com/spdx/spdx-3-model/tree/main/model/Software/Properties Specifically from this folder: concludedLicense, declaredLicense, copyrightText and attributionText These are the fields that can be defined on Packages, Files or Snippets. If you want to learn more, here are a few upcoming opportunities: During the SPDX 3.0 Tooling Mini Summit <https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#spdx-3-tooling-mini-summit> tomorrow, there will be presentations about the Licensing Profile and other SPDX 3.0 profiles, along with discussions about tooling and implementation. The Mini Summit is co-located with Open Source Summit North America <https://events.linuxfoundation.org/open-source-summit-north-america/>, with zero-cost registration to attend virtually (I’ll be attending virtually myself). You’ll need to register for OSSNA to attend the Mini Summit. This coming Thursday, May 11, during the regularly-scheduled Legal Team call, I’ll give more of an overview of the draft Licensing Profile particularly for non-technical participants in the SPDX Legal Team community. Finally, we will look to schedule some follow-on meetings for further joint Tech-Legal Team discussions of the open issues for the Licensing Profile leading up to the full 3.0 release. Best regards, Steve -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#3363): https://lists.spdx.org/g/Spdx-legal/message/3363 Mute This Topic: https://lists.spdx.org/mt/98769321/21656 Group Owner: spdx-legal+ow...@lists.spdx.org Unsubscribe: https://lists.spdx.org/g/Spdx-legal/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
