Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

OpenChain Webinar #11 - Community Bridge and the SPDX Online Tools

OpenChain Webinar #11 - Community Bridge and the SPDX Online Tools

  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

OpenChain Webinar #11 - Community Bridge and the SPDX Online Tools

  1. 1. Community Bridge and the SPDX Online Tools Gary O’Neall, co-lead SPDX Tech Team & Founder Source Auditor Inc. Rohit Lodha, maintainer of the SPDX online tools & MTS at Qubole 7 September, 2020
  2. 2. Agenda ▪ SPDX and Community Bridge Overview ▪ SPDX Tools Overview ▪ Current Status and Community Bridge Projects ▪ SPDX Online Tools Overview and Demo
  3. 3. What is SPDX? ▪ Standard: • A standard format for communicating the components, licenses and copyrights associated with a software package ▪ Guiding principles: • Human and machine readable • Focus on capturing facts; avoid interpretations ▪ Vision: • To help reduce redundant work in determining software license information and facilitate compliance
  4. 4. Example SPDX document Formats ▪ Tag/Value ▪ RDF ▪ JSON ▪ YAML ▪ Spreadsheet
  5. 5. Community Bridge CommunityBridge is a platform created by the Linux Foundation to empower developers — and the individuals and organizations who support them — to advance open source sustainability, security, and diversity CommunityBridge brings together project maintainers, contributors, and users to fund open source projects, improve code security, boost the size and diversity of open source communities, and much more.
  6. 6. SPDX and Community Bridge ▪ Mentoring Program • SPDX tools development provided by students and volunteer mentors • Funding provided by Intel and the Linux Foundation ▪ SPDX Online Tools Infrastructure Funding • Moves the online tools to a completely community funded infrastructure • Broad community support – including many OpenChain contributors
  7. 7. SPDX Tools Contributors ▪ Corporations and Foundations ▪ Individuals – 40+ contributors to various projects ▪ Lots of students and volunteer mentors • Google Summer of Code • Community Bridge
  8. 8. SPDX Tools Current Status ▪ All tools are available as open source at https://github.com/spdx ▪ Language Binding • Java • Python • Go • JavaScript (under development) ▪ Utilities to verify, convert, compare, display ▪ Utilities to support the license list (submit, edit, publish) ▪ Very cool license compare browser plugin contributed by Alan Tse
  9. 9. SPDX Tools Under Development ▪ Re-design of the Java tools ▪ Schema generated code (GSoC project) ▪ LicenseList URL verification (GSoC project) ▪ RDF support in Go (GSoC project) ▪ License matching in Python (Community Bridge Project) ▪ Python language bindings major update (Community Bridge Project) ▪ Infrastructure upgrade to the Online Tools (Community Bridge Funded)
  10. 10. SPDX Online Tools ▪ Provides an easy all-in-one portal to interact with SPDX services. • Validate, compare and convert SPDX documents • Search and compare licenses in SPDX license list • License XML editor • Submit and track license request • Submit and track license namespace request
  11. 11. SPDX Online Tools ▪ SPDX Online Tools Sandbox - http://52.32.53.255/app/ ▪ Deployed at - https://tools.spdx.org/ ▪ Github Repo - https://github.com/spdx/spdx-online-tools/ ▪ API Doc - https://github.com/spdx/spdx-online- tools/wiki/REST-API-Fields-Request-and-Response

×