TrustSource @ FOSDEM 2021

TrustSource @ FOSDEM 2021

we are looking forward to the presentations of @Jan Thielscher & @Grigory Markin at FOSDEM 2021.

Open Source Compliance Tooling – Capability Reference Architecture

Jan will present the Open Source Tooling Workgroup‘s reference model in the OpenChain Dev-Room , which outlines domain-specific capabilities and their interrelationships. The model has been created over the last two years by members of the workgroup and is intended to provide an overview of the required tasks that will be needed in the context of open source compliance. It is also useful for mapping the different tools or being clear about what functionality they cover. See the complete video here.

During the talk Jan will also try to motivate tool vendors to map their tools against the model.

Capabilities in comparison

In a second talk, Grigory Markin will present the TrustSource DeepScan open source tool and the free online service DeepScan of the same name in the Dev-Room Software Composition. This solution has been developed to support open source users in identifying the effective licenses and attribution information (license & copyright) :

TrustSource DeepScan – How to effectively excavate effective licenses

In this 15 minute talk, Grigory and Jan will briefly outline the challenge of “effective” licenses and discuss the various technical possibilities and challenges of automated license analysis using similarity analysis, among other things. Finally, the tool, the current state of work and the next steps will be briefly presented.

Want to learn more about SBOMs or OpenSSF? Feel free contacting us!