February 2, 2020


OSS Review Toolkit: Automating FOSS Reviews within CI/CD


Talk Title: OSS Review Toolkit: Automating FOSS Reviews within CI/CD
Speakers: Thomas Steenbergen (Head of Open Source, HERE Technologies)
Conference: Open Source Summit North America
Location: Vancouver, BC, Canada
Date: Aug 27-31, 2018

In an ideal world, a FOSS review is highly automated and done often and early so that any FOSS issues - whether technical, licensing or security - can be caught and resolved as they appear. The OSS community currently lacks review tooling that is compatible with modern software development practices such as package managers, continuous integration and continuous delivery (CI/CD). Without this review capability, FOSS projects are often released without clear metadata, resulting in reduced adoption and fewer contributions, thereby making the projects less successful. In this talk, Thomas presents and demonstrates OSS Review Toolkit (ORT), which enables highly automated FOSS reviews within CI/CD by combining existing FOSS dependency and scanning tools with ClearlyDefined, a platform to discover, curate and share FOSS component metadata. See also https://github.com/heremaps/oss-review-toolkit
