March 6-8, 2018 - Sonoma, CA
Click Here For Information
View analytic
Thursday, March 8 • 1:50pm - 2:20pm
The Need for Build-time Analysis in Open Source Compliance Tooling: Lessons Learned from the Quartermaster Prototype - Mirko Boehm, Endocode AG

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Quartermaster aims art building an industry standard of tooling that supports the Open Source license compliance workflow. It's workflow engine integrates existing scanning and reporting tools, and integrates into CI/CD processes. It offers API endpoints against which toolmakers, communities and service providers can integrate their products into the open source and open data model of the elemental toolchain. Development of the Quartermaster prototype resulted in a number of key findings, especially that source packages alone do not identify and convey sufficient license information, or that the product build process may be the best time to check compliance. The presentation introduces the Quartermaster project, the novel approach it takes on implementing Open Source compliance tooling, and how the lessons learned from the prototype influenced the Quartermaster toolchain architecture.

avatar for Mirko Boehm

Mirko Boehm

CEO, Endocode AG
Mirko Boehm is a Free Software and Open Source contributor, primarily as a software developer and speaker. He is the founder of the Quartermaster project, and has been a contributor to major Open Source projects including the KDE Desktop since 1997, including several years on the... Read More →

Thursday March 8, 2018 1:50pm - 2:20pm
Kenwood 1