Welcome Back to Dependency Hell - OSS Compliance in the Age of Software Reuse
This talk is about meeting Open Source Software Compliance in our current state of SoftwareDevelopment. It is also a reckoning on our current state of Software Development with regards to Software Reu …
Talk Title | Welcome Back to Dependency Hell - OSS Compliance in the Age of Software Reuse |
Speakers | Nisha Kumar (Open Source Engineer, VMware) |
Conference | Open Source Summit + ELC North America |
Conf Tag | |
Location | San Diego, CA, USA |
Date | Aug 19-23, 2019 |
URL | Talk Page |
Slides | Talk Slides |
Video | |
This talk is about meeting Open Source Software Compliance in our current state of SoftwareDevelopment. It is also a reckoning on our current state of Software Development with regards to Software Reuse, in other words, Dependency Management. The first step in meeting OSS legal obligations is to know what software your product or project is dependent on. This is an exponentially hard problem now when a single module can contain hundreds of dependencies and each development ecosystem has its own principles and tooling around tracking them. Wrapping each microservice in its own runtime environment (containers) has not solved this problem, but rather distributed it across an often times unreliable and unsafe network.This talk doesn’t provide a magic solution to a problem decades in the making, but it tries to raise awareness of the problem and lists some requirements to consider while the industry ponders on how to untangle itself.