Loading…
This event has ended. Visit the official site or create your own event on Sched.
September 11-14, 2017 - Los Angeles, CA
Click Here For Information & Registration
View analytic
Wednesday, September 13 • 11:00am - 11:40am
Building Trust: Testing SPDX Generation Tools - Kate Stewart, The Linux Foundation & Philippe Ombredanne, nexB

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Having open source tooling that can generate SPDX documents is an important first step in automating detection and summarizing of the license compliance information found in source or binary code. However, how can you tell which tools are able to accurately detect what is actually in the source code? Due to the imprecise nature of the way developers express licenses, there can be a lot of variance. To build up trust in the heuristics used by tools, a curated set of common packages and associated reference set of SPDX documents have been created to provide a starting point for tools to self certify against. This talk will go through the criteria use to select the packages, and provide some preliminary results.

Speakers
avatar for Philippe Ombredanne

Philippe Ombredanne

maintainer and CTO, AboutCode.org and nexB Inc.
Philippe is a passionate FOSS developer, contributor to several FOSS projects such as AboutCode.org and a long time GSoC mentor. He is the CTO of nexB, a software company on a quest to find what is in your code offering both FOSS tools and commercial solutions
avatar for Kate Stewart

Kate Stewart

Sr. Director of Strategic Programs, Linux Foundation
Kate is a Senior Director of Strategic Programs at the Linux Foundation responsible a portfolio of open source projects and standards. ​​With almost 30 years of experience in the software industry, she has held a variety of roles and worked as a developer in Canada, Australia... Read More →



Wednesday September 13, 2017 11:00am - 11:40am
Atrium III

Attendees (20)