March 6-8, 2018 - Sonoma, CA
Click Here For Information
Back To Schedule
Wednesday, March 7 • 2:00pm - 2:30pm
Automating Compliance: Solving the Problem at the ‘Source' - Philippe Ombredanne, AboutCode.org, Kate Stewart & Greg Kroah-Hartman, The Linux Foundation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
For years now we’ve been treating compliance with open source licenses as an afterthought, something to be done before distribution, and relying on more and more sophisticated tooling and heuristics to guess what the license is. Code sharing between projects (with different licenses!) has become common and enables much innovation, but causes the problem to only get worse. This approach has meant more resources (tooling, people, time) are needed to figure out the licensing to comply with the terms of open source licenses.   In this session, we’ll look at the the Linux kernel which while it has a LICENSE file indicating it is GPL-2.0-only, actually has over 80 licenses, expressed over 1000+ ways.   We’ll go through a simple solution that is being applied at the source code level in the Linux kernel to remove the guesswork from the tooling, and to simplify the analysis.  This technique can be applied to any open source project.  This will take us significantly closer to the goal that for every build,  you know the licenses that apply (via a simple ‘grep” if you prefer) and can automatically generate the artifacts to comply with those licenses. 

avatar for Greg Kroah-Hartman

Greg Kroah-Hartman

Linux Kernel Developer and Fellow, The Linux Foundation
avatar for Philippe Ombredanne

Philippe Ombredanne

AboutCode.org and ScanCode maintainer, AboutCode.org and nexB Inc.
Philippe Ombredanne is a passionate FOSS hacker, lead maintainer of the ScanCode toolkit and on a mission to enable easier and safer to reuse FOSS code with best in class open source tools for open source discovery, software composition analysis and license & security compliance at... Read More →
avatar for Kate Stewart

Kate Stewart

Senior Director of Strategic Programs, Linux Foundation
Kate Stewart is a Senior Director of Strategic Programs, responsible for Embedded and Open Compliance programs. Since joining The Linux Foundation, she has launched Real-Time Linux, Zephyr Project, CHAOSS, and ELISA.

Wednesday March 7, 2018 2:00pm - 2:30pm PST
Sonoma Valley Room