SlideShare ist ein Scribd-Unternehmen logo

Tools for developers to ensure legal integrity of their code - Antelink OWF

A
Antelink
Technologie
1 von 27
Downloaden Sie, um offline zu lesen
Tools for developers to ensure legal integrity of their code Freddy Munoz, PhD freddy.munoz@antelink.com Product Manager, Antelink. @drfmunoz Bruno Cornec Open Source & Linux Profession Bruno.Cornec@hp.com Lead EMEA, HPIntelCo.
The context
The problem are you sure that you In your product know everything…? ??? compile test analysis integration test package Product Build Engineer Final product ??? In your BoM license? version? project? are you sure that you are license compliant? 3
Available compliance tools (non-exhaustive list) Antepedia Antepedia Antepedia Notifier Notifier Reporter Source code Binary package Source http://www.linuxfoundation.org/programs/legal/compliance/tools 4
Antepedia Tool Suite 5
Antepedia Tool Suit Antepedia 940 000 projects Knowledge 210 000 000 files Base Public API Antepedia* Antepedia* Notifier Reporter Antepedia** Search ** free public access 6 * free for non-profit projects and organizations
Antepedia Search Single file Cloud service Web-browser report Original project License information Release date and location 7
Antepedia Reporter my.antepedia.com Antepedia — the world’s Largest Knowledge Base of open source projects 1. HTML file Export Antepedia Reporter 2. CSV File Analysis Automated On-demand Detection of Open Source Components 8
9
Antepedia Notifier Antepedia, the world’s my.antepedia.com largest database of open source projects Continuous detection 1. By MAIL Notification 2. Through Antepedia Notifier Atlassian JIRA Automated Continuos Detection of Open Source Components 10
FOSSology - Goal FOSS-ology : The study of FOSS The goal of the FOSSology project is create tools and a framework to reduce fear, uncertainty, and doubt in the use, development, and distribution of open source software. FOSSology is a static analysis framework to learn what we can by scanning FOSS itself. Analyze the code, save the results in a database, report results through a Web (or scripted) interface.
A Simple FOSSology Process Flow o Scan every single file in a package (or distro, or …) o Fuzzy match against a library of > 400 known licenses. o Examine the non-matching portions looking for text that could be an unknown license. o Nomos, the now GPLed license analysis tool, is the result of 10+ years of scanning @HP
File upload screenshot
Queue management screenshot
License analysis screenshot
Meta data analysis screenshot
Bucket browser screenshot
Architecture
Web Resources FOSSOlogy main site http://www.fossology.org Mailing Lists, contacts http://fossology.org/contact_us Plume details http://www.projet-plume.org/fiche/fossology Project-Builder http://trac.project-builder.org Open Source at HP http://opensource.hp.com ProLiant & Linux http://www.hp.com/go/proliantlinux FOSSology users: HP, ALU, Siemens, “The evolution of FLOSS INRIA, OW2 and the Internet are tightly coupled”
SPDX: Handling Heterogeneous Licenses 20
21
Inconsistent License Information (1/2) http://sourceforge.net/projects/jwebmail/ http://jwebmail.sourceforge.net/about.html http://jwebmail.sourceforge.net/news.html 22
Inconsistent Source http://sourceforge.net/projects/winpenpack/ License Information (2/2) Source http://www.winpenpack.com/en/page.php?5 23
24
SPDX: Standardization SPDX™ - A standard format for communicating the components, licenses and copyrights associated with a software package. 25
26
??? 27

Empfohlen

Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...
Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...
Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...Paris Open Source Summit
 
Guadalajara con 2012
Guadalajara con 2012Guadalajara con 2012
Guadalajara con 2012Jaime Restrepo
 
Fighting Malware Without Antivirus
Fighting Malware Without AntivirusFighting Malware Without Antivirus
Fighting Malware Without AntivirusEnergySec
 
Complete python toolbox for modern developers
Complete python toolbox for modern developersComplete python toolbox for modern developers
Complete python toolbox for modern developersJan Giacomelli
 
Antelink Presentation at EOLE 2011, Barcelona, Spain
Antelink Presentation at EOLE 2011, Barcelona, SpainAntelink Presentation at EOLE 2011, Barcelona, Spain
Antelink Presentation at EOLE 2011, Barcelona, SpainAntelink
 
Science ip!!
Science ip!!Science ip!!
Science ip!!alliealleoh
 
How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...Antelink
 
Presentazione pdf
Presentazione pdfPresentazione pdf
Presentazione pdfSante Lomurno
 

Empfohlen

Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...
Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...
Community SUmmit: Legal & Licensing / Tools for developers to ensure legal in...Paris Open Source Summit
 
Guadalajara con 2012
Guadalajara con 2012Guadalajara con 2012
Guadalajara con 2012Jaime Restrepo
 
Fighting Malware Without Antivirus
Fighting Malware Without AntivirusFighting Malware Without Antivirus
Fighting Malware Without AntivirusEnergySec
 
Complete python toolbox for modern developers
Complete python toolbox for modern developersComplete python toolbox for modern developers
Complete python toolbox for modern developersJan Giacomelli
 
Antelink Presentation at EOLE 2011, Barcelona, Spain
Antelink Presentation at EOLE 2011, Barcelona, SpainAntelink Presentation at EOLE 2011, Barcelona, Spain
Antelink Presentation at EOLE 2011, Barcelona, SpainAntelink
 
Science ip!!
Science ip!!Science ip!!
Science ip!!alliealleoh
 
How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...Antelink
 
Presentazione pdf
Presentazione pdfPresentazione pdf
Presentazione pdfSante Lomurno
 
51 etna
51 etna51 etna
51 etnaAEGIS-ACCESSIBLE Projects
 
Software Heritage, a revolutionary infrastructure for software source code, O...
Software Heritage, a revolutionary infrastructure for software source code, O...Software Heritage, a revolutionary infrastructure for software source code, O...
Software Heritage, a revolutionary infrastructure for software source code, O...OW2
 
Aegis ETNA NTU
Aegis ETNA NTUAegis ETNA NTU
Aegis ETNA NTUAEGIS-ACCESSIBLE Projects
 
ETNA – European Thematic Network on Assistive Information and Communication T...
ETNA – European Thematic Network on Assistive Information and Communication T...ETNA – European Thematic Network on Assistive Information and Communication T...
ETNA – European Thematic Network on Assistive Information and Communication T...AEGIS-ACCESSIBLE Projects
 
Open Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationOpen Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationMohammad Kotb
 
Open Source In Education
Open Source In EducationOpen Source In Education
Open Source In EducationDominique Cimafranca
 
Open Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationOpen Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationMohammad Kotb
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckBlack Duck by Synopsys
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Free/Open Source Software for Science & Engineering
Free/Open Source Software for Science & EngineeringFree/Open Source Software for Science & Engineering
Free/Open Source Software for Science & EngineeringKinshuk Sunil
 
Securing Open Source Code in Enterprise
Securing Open Source Code in EnterpriseSecuring Open Source Code in Enterprise
Securing Open Source Code in EnterpriseAsankhaya Sharma
 
Assingment 5 - ENSA
Assingment 5 - ENSAAssingment 5 - ENSA
Assingment 5 - ENSAJeewanthi Fernando
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for EnterpriseEric Fesler
 
ppt_template for EDA.pptx
ppt_template for EDA.pptxppt_template for EDA.pptx
ppt_template for EDA.pptxAnshumanDwivedi14
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaFriprogsenteret
 
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...sparkfabrik
 
OpenNTF Overview DanNotes 11/23/11
OpenNTF Overview DanNotes 11/23/11OpenNTF Overview DanNotes 11/23/11
OpenNTF Overview DanNotes 11/23/11Niklas Heidloff
 
Open Source Software: A Study
Open Source Software: A StudyOpen Source Software: A Study
Open Source Software: A StudyIqbal Ahmad Ansari
 
Open Source and Accesssiblity - t12t meetup 181122
Open Source and Accesssiblity - t12t meetup 181122Open Source and Accesssiblity - t12t meetup 181122
Open Source and Accesssiblity - t12t meetup 181122Erik Zetterström
 
IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011WASecurity
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Weitere ähnliche Inhalte

Ähnlich wie Tools for developers to ensure legal integrity of their code - Antelink OWF

Software Heritage, a revolutionary infrastructure for software source code, O...
Software Heritage, a revolutionary infrastructure for software source code, O...Software Heritage, a revolutionary infrastructure for software source code, O...
Software Heritage, a revolutionary infrastructure for software source code, O...OW2
 
ETNA – European Thematic Network on Assistive Information and Communication T...
ETNA – European Thematic Network on Assistive Information and Communication T...ETNA – European Thematic Network on Assistive Information and Communication T...
ETNA – European Thematic Network on Assistive Information and Communication T...AEGIS-ACCESSIBLE Projects
 
Open Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationOpen Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationMohammad Kotb
 
Open Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationOpen Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationMohammad Kotb
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckBlack Duck by Synopsys
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Free/Open Source Software for Science & Engineering
Free/Open Source Software for Science & EngineeringFree/Open Source Software for Science & Engineering
Free/Open Source Software for Science & EngineeringKinshuk Sunil
 
Securing Open Source Code in Enterprise
Securing Open Source Code in EnterpriseSecuring Open Source Code in Enterprise
Securing Open Source Code in EnterpriseAsankhaya Sharma
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for EnterpriseEric Fesler
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaFriprogsenteret
 
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...sparkfabrik
 
OpenNTF Overview DanNotes 11/23/11
OpenNTF Overview DanNotes 11/23/11OpenNTF Overview DanNotes 11/23/11
OpenNTF Overview DanNotes 11/23/11Niklas Heidloff
 
Open Source and Accesssiblity - t12t meetup 181122
Open Source and Accesssiblity - t12t meetup 181122Open Source and Accesssiblity - t12t meetup 181122
Open Source and Accesssiblity - t12t meetup 181122Erik Zetterström
 
IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011WASecurity
 

Ähnlich wie Tools for developers to ensure legal integrity of their code - Antelink OWF (20)

51 etna
51 etna51 etna
51 etna
 
Software Heritage, a revolutionary infrastructure for software source code, O...
Software Heritage, a revolutionary infrastructure for software source code, O...Software Heritage, a revolutionary infrastructure for software source code, O...
Software Heritage, a revolutionary infrastructure for software source code, O...
 
Aegis ETNA NTU
Aegis ETNA NTUAegis ETNA NTU
Aegis ETNA NTU
 
ETNA – European Thematic Network on Assistive Information and Communication T...
ETNA – European Thematic Network on Assistive Information and Communication T...ETNA – European Thematic Network on Assistive Information and Communication T...
ETNA – European Thematic Network on Assistive Information and Communication T...
 
Open Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationOpen Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache Foundation
 
Open Source In Education
Open Source In EducationOpen Source In Education
Open Source In Education
 
Open Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache FoundationOpen Source, Sourceforge Projects, & Apache Foundation
Open Source, Sourceforge Projects, & Apache Foundation
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
Free/Open Source Software for Science & Engineering
Free/Open Source Software for Science & EngineeringFree/Open Source Software for Science & Engineering
Free/Open Source Software for Science & Engineering
 
Securing Open Source Code in Enterprise
Securing Open Source Code in EnterpriseSecuring Open Source Code in Enterprise
Securing Open Source Code in Enterprise
 
Assingment 5 - ENSA
Assingment 5 - ENSAAssingment 5 - ENSA
Assingment 5 - ENSA
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for Enterprise
 
ppt_template for EDA.pptx
ppt_template for EDA.pptxppt_template for EDA.pptx
ppt_template for EDA.pptx
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'Elia
 
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
 
OpenNTF Overview DanNotes 11/23/11
OpenNTF Overview DanNotes 11/23/11OpenNTF Overview DanNotes 11/23/11
OpenNTF Overview DanNotes 11/23/11
 
Open Source Software: A Study
Open Source Software: A StudyOpen Source Software: A Study
Open Source Software: A Study
 
Open Source and Accesssiblity - t12t meetup 181122
Open Source and Accesssiblity - t12t meetup 181122Open Source and Accesssiblity - t12t meetup 181122
Open Source and Accesssiblity - t12t meetup 181122
 
IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011
 

Kürzlich hochgeladen

Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Kürzlich hochgeladen (20)

Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 

Tools for developers to ensure legal integrity of their code - Antelink OWF

  • 1. Tools for developers to ensure legal integrity of their code Freddy Munoz, PhD freddy.munoz@antelink.com Product Manager, Antelink. @drfmunoz Bruno Cornec Open Source & Linux Profession Bruno.Cornec@hp.com Lead EMEA, HPIntelCo.
  • 3. The problem are you sure that you In your product know everything…? ??? compile test analysis integration test package Product Build Engineer Final product ??? In your BoM license? version? project? are you sure that you are license compliant? 3
  • 4. Available compliance tools (non-exhaustive list) Antepedia Antepedia Antepedia Notifier Notifier Reporter Source code Binary package Source http://www.linuxfoundation.org/programs/legal/compliance/tools 4
  • 6. Antepedia Tool Suit Antepedia 940 000 projects Knowledge 210 000 000 files Base Public API Antepedia* Antepedia* Notifier Reporter Antepedia** Search ** free public access 6 * free for non-profit projects and organizations
  • 7. Antepedia Search Single file Cloud service Web-browser report Original project License information Release date and location 7
  • 8. Antepedia Reporter my.antepedia.com Antepedia — the world’s Largest Knowledge Base of open source projects 1. HTML file Export Antepedia Reporter 2. CSV File Analysis Automated On-demand Detection of Open Source Components 8
  • 9. 9
  • 10. Antepedia Notifier Antepedia, the world’s my.antepedia.com largest database of open source projects Continuous detection 1. By MAIL Notification 2. Through Antepedia Notifier Atlassian JIRA Automated Continuos Detection of Open Source Components 10
  • 11. FOSSology - Goal FOSS-ology : The study of FOSS The goal of the FOSSology project is create tools and a framework to reduce fear, uncertainty, and doubt in the use, development, and distribution of open source software. FOSSology is a static analysis framework to learn what we can by scanning FOSS itself. Analyze the code, save the results in a database, report results through a Web (or scripted) interface.
  • 12. A Simple FOSSology Process Flow o Scan every single file in a package (or distro, or …) o Fuzzy match against a library of > 400 known licenses. o Examine the non-matching portions looking for text that could be an unknown license. o Nomos, the now GPLed license analysis tool, is the result of 10+ years of scanning @HP
  • 16. Meta data analysis screenshot
  • 19. Web Resources FOSSOlogy main site http://www.fossology.org Mailing Lists, contacts http://fossology.org/contact_us Plume details http://www.projet-plume.org/fiche/fossology Project-Builder http://trac.project-builder.org Open Source at HP http://opensource.hp.com ProLiant & Linux http://www.hp.com/go/proliantlinux FOSSology users: HP, ALU, Siemens, “The evolution of FLOSS INRIA, OW2 and the Internet are tightly coupled”
  • 21. 21
  • 22. Inconsistent License Information (1/2) http://sourceforge.net/projects/jwebmail/ http://jwebmail.sourceforge.net/about.html http://jwebmail.sourceforge.net/news.html 22
  • 23. Inconsistent Source http://sourceforge.net/projects/winpenpack/ License Information (2/2) Source http://www.winpenpack.com/en/page.php?5 23
  • 24. 24
  • 25. SPDX: Standardization SPDX™ - A standard format for communicating the components, licenses and copyrights associated with a software package. 25
  • 26. 26
  • 27. ??? 27