The OpenChain automation case study about using open source tools for open source compliance runs between September and December 2021. It is the largest case study ever undertaken in this space. The outcome of attending will include better knowledge of options for automation around open source compliance, a better understanding of interoperability in the space, and an awareness of how to engage with the field in a turn-key manner.
Part #3 explores how ORT (the Open Source Review Toolkit) works both with the graphical tool and when used on its own.
- October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
- November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
- December 8th, expanding on the Supply Chain and SBOMs.
- December 16th, a recap of the whole open source tooling eco-system at Open Compliance Summit 2021.
Available to Watch Now:
- Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.
- Part #2 explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
- Part #3 explores how ORT (the Open Source Review Toolkit) works both with the graphical tool and when used on its own.
- Part #4 explores how TERN (a container scanner) works both with the graphical tool and when used on its own.
- Part #5 explores how SPDX ISO/IEC 5962 works as a Software Bill of Materials (SBOM) in the supply chain through existing open source tooling for open source compliance.
- Part #6 digs further into how a Software Bill of Materials like SPDX ISO/IEC 5962 can optimize operations in the supply chain