SlideShare une entreprise Scribd logo

Improvements in meta spdxscanner through FOSSology - Ueba San

Télécharger en tant que PPTX, PDF
Shane Coughlan
Shane Coughlan

'Improvements in meta spdxscanner through FOSSology' contains a presentation from Ueba San of Fujitsu at the OpenChain Workshop, Open Source Summit Europe - 23rd of October.

Logiciels
1  sur  7
Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED Improvements in meta-spdxscanner through FOSSology Takuma Ueba Fujitsu Computer Technologies Limited 0 1518ka1
whoami  I have contributed to the following communities • Linux Kernel • U-Boot • Yocto Project  Developer of In-house Embedded Linux Distribution for Fujitsu Limited  Our Distribution is built with Yocto Project  My team-member is maintainer of meta-spdxscanner (Ms. Lei Maohui)  Our Distribution is used for 80+ products. • IVI • Server System Controller • Storage System • Network equipment etc Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED Mainly platform community 1
Simple Introduction of meta-spdxscanner  Yocto Layer of source code License scanner  Default output: SPDX format (is best format) (considering OpenChain Project)  Default scanner: DoSOCSv2 Fossology 3.x doesn’t support CUI (at this point), so it could not be used with Yocto Project Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED  Patches come from 3rd party Yocto Project meta-spdxscanner SPDX files openembedded-core meta-oe meta-…… do_fetch do_unpack …… do_spdx ……  OSS source code 2
Comparing Outputs by DoSOCSv2, FOSSology Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES Ideal SPDX file DoSOCSv2(0.16.1) FOSSology(3.3.0) SPDXVersion: SPDX-2.0 DataLicense: CC0-1.0 FileName: ./LICENSE SPDXID: SPDXRef-file-LICENSE-4919- 7310aaf0 FileType: OTHER FileChecksum: SHA256: 4919cfb14a73cd64fcef67b107613970cf165 9a09aa675dba31314f373bc7204 LicenseConcluded: NOASSERTION LicenseInfoInFile: LicenseRef-BSD-style LicenseComments: <text></text> FileCopyrightText: NOASSERTION FileComment: <text></text> FileNotice: <text></text> :(snip) SPDXVersion: SPDX-2.1 DataLicense: CC0-1.0 FileName: bzip2-1.0.6/LICENSE SPDXID: SPDXRef-item1699540 FileChecksum: SHA1: 1c0c6888759a63c32bca7eb63353af2cd9b d5d9e FileChecksum: MD5: ddeb76cd34e791893c0f539fdab879bb LicenseConcluded: LicenseRef-bzip2-1.0.6 LicenseInfoInFile: LicenseRef-bzip2-1.0.6 FileCopyrightText: <text> copyright (C) 1996-2010 Julian R Seward. All rights reserved. copyright notice, this list of conditions and the following disclaimer. </text> :(snip) LicenseID: LicenseRef-bzip2-1.0.6 LicenseName: bzip2 and libbzip2 License v1.0.6 ExtractedText: <text> This program, "bzip2", the associated library "libbzip2", and all documentation, are copyright (C) 1996-2010 Julian R Seward. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: :(snip) SPDXVersion: SPDX-2.1 DataLicense: CC0-1.0 FileName: bzip2-1.0.6/LICENSE SPDXID: SPDXRef-item1699540 FileChecksum: SHA1: 1c0c6888759a63c32bca7eb63353af 2cd9bd5d9e FileChecksum: MD5: ddeb76cd34e791893c0f539fdab879 bb LicenseConcluded: LicenseRef-bzip2- 1.0.6 LicenseInfoInFile: LicenseRef-bzip2- 1.0.6 FileCopyrightText: <text> copyright (C) 1996-2010 Julian R Seward. All rights reserved. copyright notice, this list of conditions and the following disclaimer. </text> :(snip) LicenseID: LicenseRef-bzip2-1.0.6 LicenseName: bzip2 and libbzip2 License v1.0.6 ExtractedText: <text> This program, "bzip2", the associated library "libbzip2", and all documentation, are copyright (C) 1996-2010 Julian R Seward. All rights reserved. :(snip) insufficient SPDX output By DoSOCSv2 ≒ SPDX 2.0 2.1: Mandatory item ・LicenseConcluded: no output ・LicenseInfoInFile: mistake ・FileCopyrightText: no output Ideal SPDX output By FOSSology 3
FOSSology available for YP soon! Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED  We are making available to use fossdriver in meta-spdxscanner  So you can soon use FOSSology from Yocto Project fossdriver is intended to enable control of a FOSSology server from Python programs. ※ Quoted from fossdriver’s readme  Let’s use improved meta-spdxscanner and SPDX file  Please give me feedback on meta-spdxscanner and SPDX topics. You are available to use high precision SPDX file! 4
Future Work Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED The names of products are the product names, trademarks or registered trademarks of the respective companies. Trademark notices ((R),TM) are not necessarily displayed on system names and product names in this material. Let’s improve SPDX file precision together For maintenaince reason, we want send REST API calls FOSSology server to generate SPDX files 5
Improvements in meta spdxscanner through FOSSology - Ueba San

Recommandé

Downloads
DownloadsDownloads
Downloadsenergetictongue26
 
Windows 8.1 pro
Windows 8.1 proWindows 8.1 pro
Windows 8.1 prowelaski
 
Browser of internet 2011
Browser of internet 2011Browser of internet 2011
Browser of internet 2011Jose Rincon
 
OpenWrt101 2007
OpenWrt101 2007OpenWrt101 2007
OpenWrt101 2007Rex Tsai
 
01 Metasploit kung fu introduction
01 Metasploit kung fu introduction01 Metasploit kung fu introduction
01 Metasploit kung fu introductionMostafa Abdel-sallam
 
Top linux distributions & open source Browsers
Top linux distributions & open source BrowsersTop linux distributions & open source Browsers
Top linux distributions & open source Browserspawan sharma
 
Change log
Change logChange log
Change logWagner Alves
 
Readme
ReadmeReadme
ReadmeDavid Sting
 

Recommandé

Downloads
DownloadsDownloads
Downloadsenergetictongue26
 
Windows 8.1 pro
Windows 8.1 proWindows 8.1 pro
Windows 8.1 prowelaski
 
Browser of internet 2011
Browser of internet 2011Browser of internet 2011
Browser of internet 2011Jose Rincon
 
OpenWrt101 2007
OpenWrt101 2007OpenWrt101 2007
OpenWrt101 2007Rex Tsai
 
01 Metasploit kung fu introduction
01 Metasploit kung fu introduction01 Metasploit kung fu introduction
01 Metasploit kung fu introductionMostafa Abdel-sallam
 
Top linux distributions & open source Browsers
Top linux distributions & open source BrowsersTop linux distributions & open source Browsers
Top linux distributions & open source Browserspawan sharma
 
Change log
Change logChange log
Change logWagner Alves
 
Readme
ReadmeReadme
ReadmeDavid Sting
 
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)Red Hat Developers
 
Developing in Python on Red Hat Platforms (DevNation 2016)
Developing in Python on Red Hat Platforms (DevNation 2016)Developing in Python on Red Hat Platforms (DevNation 2016)
Developing in Python on Red Hat Platforms (DevNation 2016)ncoghlan_dev
 
lotos-framework
lotos-frameworklotos-framework
lotos-frameworkAlexander Smirnov
 
How to Manage OSS Licenses in CI/CD Development
How to Manage OSS Licenses in CI/CD DevelopmentHow to Manage OSS Licenses in CI/CD Development
How to Manage OSS Licenses in CI/CD DevelopmentShane Coughlan
 
Open source Android 10 on Orange Pi: Meth or Reality?
Open source Android 10 on Orange Pi: Meth or Reality?Open source Android 10 on Orange Pi: Meth or Reality?
Open source Android 10 on Orange Pi: Meth or Reality?GlobalLogic Ukraine
 
Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...SZ Lin
 
Icse10a.ppt
Icse10a.pptIcse10a.ppt
Icse10a.pptYann-Gaël Guéhéneuc
 
OpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentOpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentShane Coughlan
 
Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?GlobalLogic Ukraine
 
Creating new Tizen profiles using the Yocto Project
Creating new Tizen profiles using the Yocto ProjectCreating new Tizen profiles using the Yocto Project
Creating new Tizen profiles using the Yocto ProjectLeon Anavi
 
Linux internals v4
Linux internals v4Linux internals v4
Linux internals v4Liran Ben Haim
 
libdash 2.0
libdash 2.0libdash 2.0
libdash 2.0Christopher Mueller
 
Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Mender.io
 
56_Implementation
56_Implementation56_Implementation
56_ImplementationPrerna Paliwal
 
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Patricia Aas
 
HKG18-203 - Overview of Linaro DRM
HKG18-203 - Overview of Linaro DRMHKG18-203 - Overview of Linaro DRM
HKG18-203 - Overview of Linaro DRMLinaro
 
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...Felipe Prado
 
OpenChain Webinar #50 - An Overview of SPDX 3.0
OpenChain Webinar #50 - An Overview of SPDX 3.0OpenChain Webinar #50 - An Overview of SPDX 3.0
OpenChain Webinar #50 - An Overview of SPDX 3.0Shane Coughlan
 
Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96波 董
 
Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96波 董
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingShane Coughlan
 

Contenu connexe

Similaire à Improvements in meta spdxscanner through FOSSology - Ueba San

Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)Red Hat Developers
 
Developing in Python on Red Hat Platforms (DevNation 2016)
Developing in Python on Red Hat Platforms (DevNation 2016)Developing in Python on Red Hat Platforms (DevNation 2016)
Developing in Python on Red Hat Platforms (DevNation 2016)ncoghlan_dev
 
How to Manage OSS Licenses in CI/CD Development
How to Manage OSS Licenses in CI/CD DevelopmentHow to Manage OSS Licenses in CI/CD Development
How to Manage OSS Licenses in CI/CD DevelopmentShane Coughlan
 
Open source Android 10 on Orange Pi: Meth or Reality?
Open source Android 10 on Orange Pi: Meth or Reality?Open source Android 10 on Orange Pi: Meth or Reality?
Open source Android 10 on Orange Pi: Meth or Reality?GlobalLogic Ukraine
 
Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...SZ Lin
 
OpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentOpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentShane Coughlan
 
Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?GlobalLogic Ukraine
 
Creating new Tizen profiles using the Yocto Project
Creating new Tizen profiles using the Yocto ProjectCreating new Tizen profiles using the Yocto Project
Creating new Tizen profiles using the Yocto ProjectLeon Anavi
 
Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Mender.io
 
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Patricia Aas
 
HKG18-203 - Overview of Linaro DRM
HKG18-203 - Overview of Linaro DRMHKG18-203 - Overview of Linaro DRM
HKG18-203 - Overview of Linaro DRMLinaro
 
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...Felipe Prado
 
OpenChain Webinar #50 - An Overview of SPDX 3.0
OpenChain Webinar #50 - An Overview of SPDX 3.0OpenChain Webinar #50 - An Overview of SPDX 3.0
OpenChain Webinar #50 - An Overview of SPDX 3.0Shane Coughlan
 
Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96波 董
 
Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96波 董
 

Similaire à Improvements in meta spdxscanner through FOSSology - Ueba San (20)

Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
Developing In Python On Red Hat Platforms (Nick Coghlan & Graham Dumpleton)
 
Developing in Python on Red Hat Platforms (DevNation 2016)
Developing in Python on Red Hat Platforms (DevNation 2016)Developing in Python on Red Hat Platforms (DevNation 2016)
Developing in Python on Red Hat Platforms (DevNation 2016)
 
lotos-framework
lotos-frameworklotos-framework
lotos-framework
 
How to Manage OSS Licenses in CI/CD Development
How to Manage OSS Licenses in CI/CD DevelopmentHow to Manage OSS Licenses in CI/CD Development
How to Manage OSS Licenses in CI/CD Development
 
Open source Android 10 on Orange Pi: Meth or Reality?
Open source Android 10 on Orange Pi: Meth or Reality?Open source Android 10 on Orange Pi: Meth or Reality?
Open source Android 10 on Orange Pi: Meth or Reality?
 
Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...
 
Icse10a.ppt
Icse10a.pptIcse10a.ppt
Icse10a.ppt
 
OpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentOpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD development
 
Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?
 
Creating new Tizen profiles using the Yocto Project
Creating new Tizen profiles using the Yocto ProjectCreating new Tizen profiles using the Yocto Project
Creating new Tizen profiles using the Yocto Project
 
Linux internals v4
Linux internals v4Linux internals v4
Linux internals v4
 
libdash 2.0
libdash 2.0libdash 2.0
libdash 2.0
 
Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018
 
56_Implementation
56_Implementation56_Implementation
56_Implementation
 
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
 
HKG18-203 - Overview of Linaro DRM
HKG18-203 - Overview of Linaro DRMHKG18-203 - Overview of Linaro DRM
HKG18-203 - Overview of Linaro DRM
 
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
 
OpenChain Webinar #50 - An Overview of SPDX 3.0
OpenChain Webinar #50 - An Overview of SPDX 3.0OpenChain Webinar #50 - An Overview of SPDX 3.0
OpenChain Webinar #50 - An Overview of SPDX 3.0
 
Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96
 
Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96Ubuntu core on bubblegum 96
Ubuntu core on bubblegum 96
 

Plus de Shane Coughlan

OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingShane Coughlan
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19Shane Coughlan
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorShane Coughlan
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleShane Coughlan
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20Shane Coughlan
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06Shane Coughlan
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06Shane Coughlan
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09Shane Coughlan
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17Shane Coughlan
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxShane Coughlan
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Shane Coughlan
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesShane Coughlan
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27Shane Coughlan
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30Shane Coughlan
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeShane Coughlan
 
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxFrom One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxShane Coughlan
 
OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11Shane Coughlan
 

Plus de Shane Coughlan (20)

OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS Calculator
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptx
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics Slides
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your Code
 
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxFrom One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
 
OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11
 

Dernier

Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 

Dernier (20)

Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 

Improvements in meta spdxscanner through FOSSology - Ueba San

  • 1. Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED Improvements in meta-spdxscanner through FOSSology Takuma Ueba Fujitsu Computer Technologies Limited 0 1518ka1
  • 2. whoami  I have contributed to the following communities • Linux Kernel • U-Boot • Yocto Project  Developer of In-house Embedded Linux Distribution for Fujitsu Limited  Our Distribution is built with Yocto Project  My team-member is maintainer of meta-spdxscanner (Ms. Lei Maohui)  Our Distribution is used for 80+ products. • IVI • Server System Controller • Storage System • Network equipment etc Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED Mainly platform community 1
  • 3. Simple Introduction of meta-spdxscanner  Yocto Layer of source code License scanner  Default output: SPDX format (is best format) (considering OpenChain Project)  Default scanner: DoSOCSv2 Fossology 3.x doesn’t support CUI (at this point), so it could not be used with Yocto Project Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED  Patches come from 3rd party Yocto Project meta-spdxscanner SPDX files openembedded-core meta-oe meta-…… do_fetch do_unpack …… do_spdx ……  OSS source code 2
  • 4. Comparing Outputs by DoSOCSv2, FOSSology Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES Ideal SPDX file DoSOCSv2(0.16.1) FOSSology(3.3.0) SPDXVersion: SPDX-2.0 DataLicense: CC0-1.0 FileName: ./LICENSE SPDXID: SPDXRef-file-LICENSE-4919- 7310aaf0 FileType: OTHER FileChecksum: SHA256: 4919cfb14a73cd64fcef67b107613970cf165 9a09aa675dba31314f373bc7204 LicenseConcluded: NOASSERTION LicenseInfoInFile: LicenseRef-BSD-style LicenseComments: <text></text> FileCopyrightText: NOASSERTION FileComment: <text></text> FileNotice: <text></text> :(snip) SPDXVersion: SPDX-2.1 DataLicense: CC0-1.0 FileName: bzip2-1.0.6/LICENSE SPDXID: SPDXRef-item1699540 FileChecksum: SHA1: 1c0c6888759a63c32bca7eb63353af2cd9b d5d9e FileChecksum: MD5: ddeb76cd34e791893c0f539fdab879bb LicenseConcluded: LicenseRef-bzip2-1.0.6 LicenseInfoInFile: LicenseRef-bzip2-1.0.6 FileCopyrightText: <text> copyright (C) 1996-2010 Julian R Seward. All rights reserved. copyright notice, this list of conditions and the following disclaimer. </text> :(snip) LicenseID: LicenseRef-bzip2-1.0.6 LicenseName: bzip2 and libbzip2 License v1.0.6 ExtractedText: <text> This program, "bzip2", the associated library "libbzip2", and all documentation, are copyright (C) 1996-2010 Julian R Seward. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: :(snip) SPDXVersion: SPDX-2.1 DataLicense: CC0-1.0 FileName: bzip2-1.0.6/LICENSE SPDXID: SPDXRef-item1699540 FileChecksum: SHA1: 1c0c6888759a63c32bca7eb63353af 2cd9bd5d9e FileChecksum: MD5: ddeb76cd34e791893c0f539fdab879 bb LicenseConcluded: LicenseRef-bzip2- 1.0.6 LicenseInfoInFile: LicenseRef-bzip2- 1.0.6 FileCopyrightText: <text> copyright (C) 1996-2010 Julian R Seward. All rights reserved. copyright notice, this list of conditions and the following disclaimer. </text> :(snip) LicenseID: LicenseRef-bzip2-1.0.6 LicenseName: bzip2 and libbzip2 License v1.0.6 ExtractedText: <text> This program, "bzip2", the associated library "libbzip2", and all documentation, are copyright (C) 1996-2010 Julian R Seward. All rights reserved. :(snip) insufficient SPDX output By DoSOCSv2 ≒ SPDX 2.0 2.1: Mandatory item ・LicenseConcluded: no output ・LicenseInfoInFile: mistake ・FileCopyrightText: no output Ideal SPDX output By FOSSology 3
  • 5. FOSSology available for YP soon! Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED  We are making available to use fossdriver in meta-spdxscanner  So you can soon use FOSSology from Yocto Project fossdriver is intended to enable control of a FOSSology server from Python programs. ※ Quoted from fossdriver’s readme  Let’s use improved meta-spdxscanner and SPDX file  Please give me feedback on meta-spdxscanner and SPDX topics. You are available to use high precision SPDX file! 4
  • 6. Future Work Copyright 2018 FUJITSU COMPUTER TECHNOLOGIES LIMITED The names of products are the product names, trademarks or registered trademarks of the respective companies. Trademark notices ((R),TM) are not necessarily displayed on system names and product names in this material. Let’s improve SPDX file precision together For maintenaince reason, we want send REST API calls FOSSology server to generate SPDX files 5

Notes de l'éditeur

  1. 0