For those interested in improving the automated tracking of copyright, licensing and security information in the supply chain, we've managed to get a Supply Chain mini-summit <http://events.linuxfoundation.org/events/linuxcon-europe/extend-the-experience/supply-chain-summit> added on after LinuxCon on October 8th.
*Agenda* 9:00 - Intro to Supply Chain mini-summit (Kate Stewart) 9:05 - Overview of OpenChain <https://wiki.linuxfoundation.org/openchain/start>, goals and status. (Dave Marr) 9:20 - Overview of SPDX <http://spdx.org/> project, review of 2.0 and plans for 2.1 (Phil Odence) 9:35 - Debsources <https://github.com/Debian/debsources> as a community curated DB of copyright and license information (Stephano Zaccharoli) 10:20 - break 10:30 - DoSOCS - integrating security with license compliance (Sai Uday Shankar Korlimarla) 11:15 - OpenChain working session on the checklist (Dave Marr) 13:15 - lunch break 14:30 - Group brainstorming session on ways to improve automation around open source license compliance and tracking of relevant security information. (Kate to facilitate) 17:00 - wrap up and next steps *Event Details* Date: Thursday, October 8 Time: 9:00am-5:00pm Location: Liffey Meeting Room 3 Cost: Free for LinuxCon + Cloud Open + ELC Europe attendees Register: RSVP Here <https://docs.google.com/a/linuxfoundation.org/forms/d/1BxNAfZKxojfwDb9RlmRR6GOcDBAfzjsfQlZwGDEHfeA/viewform> Hope you see there, Kate
_______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
