March 6-8, 2018 - Sonoma, CA
Click Here For Information
Thursday, March 8 • 1:50pm - 2:20pm
The Need for Build-time Analysis in Open Source Compliance Tooling: Lessons Learned from the Quartermaster Prototype - Mirko Boehm, Endocode AG

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Quartermaster aims art building an industry standard of tooling that supports the Open Source license compliance workflow. It's workflow engine integrates existing scanning and reporting tools, and integrates into CI/CD processes. It offers API endpoints against which toolmakers, communities and service providers can integrate their products into the open source and open data model of the elemental toolchain. Development of the Quartermaster prototype resulted in a number of key findings, especially that source packages alone do not identify and convey sufficient license information, or that the product build process may be the best time to check compliance. The presentation introduces the Quartermaster project, the novel approach it takes on implementing Open Source compliance tooling, and how the lessons learned from the prototype influenced the Quartermaster toolchain architecture.

avatar for Mirko Boehm

Mirko Boehm

Director, Open Source Governance and Compliance, Endocode AG
Free and Open Source Software contributor. Founder, Endocode. Director, Linux System Definition, Open Invention Network. KDE contributor since 1997 (including several years on the KDE e.V. board). Visiting lecturer and researcher at the Technical University of Berlin. FSFE Team Germany... Read More →

Thursday March 8, 2018 1:50pm - 2:20pm PST
Kenwood 1