October 31 - November 1 - Co-Located Events
October 28-30 - Conference
Lyon Convention Centre - Lyon, France
More information for Open Source Summit + Embedded Linux Conference Europe 2019
Back To Schedule
Monday, October 28 • 15:15 - 15:50
Compliance Puzzle, Building an OSS Compliance Toolchain with Open Source Technologies - Sebastian Schuberth, Bosch Software Innovations GmbH

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Open Source Compliance affects most development projects within an organization. Many of the activities are tedious work or require special knowledge, which are typically not favored by the teams. But help is at hand, activities can be automated in a way that keeps effort out of projects and enables back offices to efficiently process the special knowledge activities like license evaluation. These toolchains typically identify transitive 3rd party dependencies in codebases, enrich found dependencies with the known compliance metadata, trigger back office tasks, run company policy checks on the aquired data and produce the reports and legal notices defined as process outputs. The Open Source world contains lots of bits and pieces for these activities but the art is to plug them together to a working, industry scale toolchain. In this talk we present our approach at Bosch and its connection to the activities of communities like the Tooling Landscape Group, the TODO Group and OpenChain.

avatar for Sebastian Schuberth

Sebastian Schuberth

Senior Expert Open Source Services, Bosch Software Innovations GmbH
Sebastian is a long-term Open Source user, contributor and maintainer, who engages in bringing together community and corporate aspects of Open Source Software. Lately, he got interested in automating OSS Compliance and founded the OSS Review Toolkit (ORT) project, for which he still... Read More →

Monday October 28, 2019 15:15 - 15:50
Rhone 1
  • Session Slides Included Yes