This event has ended. Visit the official site or create your own event on Sched.
September 11-14, 2017 - Los Angeles, CA
Click Here For Information & Registration
Wednesday, September 13 • 11:00am - 11:40am
Building Trust: Testing SPDX Generation Tools - Kate Stewart, The Linux Foundation & Philippe Ombredanne, nexB

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Having open source tooling that can generate SPDX documents is an important first step in automating detection and summarizing of the license compliance information found in source or binary code. However, how can you tell which tools are able to accurately detect what is actually in the source code? Due to the imprecise nature of the way developers express licenses, there can be a lot of variance. To build up trust in the heuristics used by tools, a curated set of common packages and associated reference set of SPDX documents have been created to provide a starting point for tools to self certify against. This talk will go through the criteria use to select the packages, and provide some preliminary results.

avatar for Philippe Ombredanne

Philippe Ombredanne

AboutCode.org maintainer and nexB CTO, AboutCode.org and nexB Inc.
Philippe is a passionate FOSS developer, contributor to several FOSS projects including the Linux kernel, AboutCode.org and a long time GSoC mentor. He is the CTO of nexB, a software company on a quest to find what is in your code offering both open source on open source tools and... Read More →
avatar for Kate Stewart

Kate Stewart

Senior Director of Strategic Programs, Linux Foundation
Kate Stewart is a Senior Director of Strategic Programs, responsible for Embedded and Open Compliance programs. Since joining The Linux Foundation, she has launched Real-Time Linux, Zephyr Project, CHAOSS, and ELISA.

Wednesday September 13, 2017 11:00am - 11:40am
Atrium III

Attendees (20)