Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Shane Coughlan
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SHOWCASE
Part of the activities of the OpenChain Automotive Work Group Meeting #2
Toyota and Strategic Collaboration with the CommunityShane Coughlan
Toyota has built strong ties into the global open source development community and into areas related to open source patent non-aggression and copyright compliance. During the Legal & Licensing Workshop in Barcelona during April 2018 Endo San from the Toyota legal team explained their approach and the benefits it brings.
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Shane Coughlan
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SHOWCASE
Part of the activities of the OpenChain Automotive Work Group Meeting #2
Toyota and Strategic Collaboration with the CommunityShane Coughlan
Toyota has built strong ties into the global open source development community and into areas related to open source patent non-aggression and copyright compliance. During the Legal & Licensing Workshop in Barcelona during April 2018 Endo San from the Toyota legal team explained their approach and the benefits it brings.
Sometimes dominant design is established by small and new ventures, rather than by large corporations, as we would expect. This is the case of Arduino, an open source platform for building and prototyping electronics projects, that imposed itself as dominant design in the fast-growing field of the digital makers. In our presentation, we use Arduino as an exemplar case to challenge some conventional wisdoms and traditional ways of thinking in strategic management. Our findings show that organization design and organizational processes shape the new ventures strategy (rather than viceversa), and play a critical role in setting a new dominant design.
Licensing in Composite Open Source ProjectsProtecode
Navigating licenses of composite open source software packages can be a difficult undertaking. Composite projects often contain more than one open source package and each project could have its own individual license, creating potential licensing dilemmas for those who wish to incorporate the code into their own project.
Giving Everyone Access To Open Source Best Practices: The OpenChain CurriculumShane Coughlan
This talk will explain how the OpenChain Curriculum team assembled and released extensive compliance training material under CC-0 licensing. It will expand on how this material can be either used for generic in-company or cross-company training and how it helps to comply with the OpenChain Specification. A run through of the key material will be given to illustrate how it can support every company in the adoption and customization of best practices to suit their needs. The talk will conclude with a brief overview of how to engage with the OpenChain Curriculum, the broader OpenChain Project, and what can be expected around Open Source supply chain management in the coming year.
Software Heritage, a revolutionary infrastructure for software source code, O...OW2
Open Source Software is at the heart of our digital society and embodies a growing part of our technical and organisational knowledge, and this raises many questions: how to comply with the obligations of Open Source licenses? how to be sure that the source code of a key module we use will be still there when we need it in the future? do we really know what source code we are using, and where it comes from? how can we adress cybersecurity if we do not know? how do we share this information across the software supply chain?
Answering these questions and answering them well is quite a challenge.
In this presentation, you will discover Software Heritage, an open non-profit initiative, in partnership with Unesco, and supported by major IT players, and how the revolutionary infrastructure it is building changes the way we adress these issues.
Keynote presentation by Roberto Di Cosmo, Inria.
Abstract: With 8 billions unique source files from 120 million repositories, it is the largest archive of source code ever built.
Turn the legacy code in a totally new code starting with unit testing, style checking, documentation generation and finally the awaited continuous integration with various automation.
OIDF Workshop 4/29/2019 -- OpenID Research & Education Working Group UpdateOpenIDFoundation
Davide Vaghetti with Consortium GARR provided an update on the OpenID Foundation Research & Education (R&E) Working Group at the OIDF Workshop at Verizon Media on Monday, April 29, 2019.
Sometimes dominant design is established by small and new ventures, rather than by large corporations, as we would expect. This is the case of Arduino, an open source platform for building and prototyping electronics projects, that imposed itself as dominant design in the fast-growing field of the digital makers. In our presentation, we use Arduino as an exemplar case to challenge some conventional wisdoms and traditional ways of thinking in strategic management. Our findings show that organization design and organizational processes shape the new ventures strategy (rather than viceversa), and play a critical role in setting a new dominant design.
Licensing in Composite Open Source ProjectsProtecode
Navigating licenses of composite open source software packages can be a difficult undertaking. Composite projects often contain more than one open source package and each project could have its own individual license, creating potential licensing dilemmas for those who wish to incorporate the code into their own project.
Giving Everyone Access To Open Source Best Practices: The OpenChain CurriculumShane Coughlan
This talk will explain how the OpenChain Curriculum team assembled and released extensive compliance training material under CC-0 licensing. It will expand on how this material can be either used for generic in-company or cross-company training and how it helps to comply with the OpenChain Specification. A run through of the key material will be given to illustrate how it can support every company in the adoption and customization of best practices to suit their needs. The talk will conclude with a brief overview of how to engage with the OpenChain Curriculum, the broader OpenChain Project, and what can be expected around Open Source supply chain management in the coming year.
Software Heritage, a revolutionary infrastructure for software source code, O...OW2
Open Source Software is at the heart of our digital society and embodies a growing part of our technical and organisational knowledge, and this raises many questions: how to comply with the obligations of Open Source licenses? how to be sure that the source code of a key module we use will be still there when we need it in the future? do we really know what source code we are using, and where it comes from? how can we adress cybersecurity if we do not know? how do we share this information across the software supply chain?
Answering these questions and answering them well is quite a challenge.
In this presentation, you will discover Software Heritage, an open non-profit initiative, in partnership with Unesco, and supported by major IT players, and how the revolutionary infrastructure it is building changes the way we adress these issues.
Keynote presentation by Roberto Di Cosmo, Inria.
Abstract: With 8 billions unique source files from 120 million repositories, it is the largest archive of source code ever built.
Turn the legacy code in a totally new code starting with unit testing, style checking, documentation generation and finally the awaited continuous integration with various automation.
OIDF Workshop 4/29/2019 -- OpenID Research & Education Working Group UpdateOpenIDFoundation
Davide Vaghetti with Consortium GARR provided an update on the OpenID Foundation Research & Education (R&E) Working Group at the OIDF Workshop at Verizon Media on Monday, April 29, 2019.
This presentation covers the motivation that led the Samsung OSG to port Tizen to the Raspberry Pi2. It also goes over the technical hurdles that have been overcome and provides insight to where this project is headed in the future.
Cloud Native Computing Foundation (CNCF) is founded for a microservice based new computing paradigm. Fujitsu joined CNCF since last December expecting to establish a new open standard platform. In this session, we'd like to share idea behind our participation and technical topics we're now investigating.
This presentation was delivered at LinuxCon Japan 2016 by Hiroyuki Kamezawa and Wolfgang Ries.
Improving User Experience with Ubiquitous QuickBootICS
In this webinar, we will introduce QuickBoot and show how it can solve slow cold boot times. You will: • Learn the difference from other fast boot techniques on Linux or Android devices. • Get technical details of QuickBoot. • See a demonstration of a real-world embedded application illustrating the boot time performance.
This presentation, made for TI TechDays 2010, shows how with the right approach you can reduce the boot time of a cold Linux boot. In this case - the OMAP3530 EVM was used as a case study to achieve a less than one second boot time.
Have a quick overview of most of the embedded linux components and their details. How ti build Embedded Linux Hardware & Software, and developing Embedded Products
The Civil Infrastructure Platform (CIP) is creating a super long-term supported (SLTS) open source "base layer" for industrial grade software. We have been working on security fixes and some backported features since the moment we decided that Linux kernel v4.4 would be the first SLTS version. In this talk, we will describe the current development
status of the SLTS kernel and testing environment. First, we'll explain our kernel development policy. Then, we'll describe the functionality that has been backported. Second, we'll talk about testing before using our base-layer on real products. We have been developing a test framework to collect and share test results. To build it, we don't want to duplicate existing work such as KernelCI, Fuego and others. For that reason, we are trying to collaborate and contribute to such projects.
Strata - Scaling Jupyter with Jupyter Enterprise GatewayLuciano Resende
Born in academia, Jupyter notebooks are prevalent in both learning and research environments throughout the scientific community. Due to the widespread adoption of big data, AI, and deep learning frameworks, notebooks are also finding their way into the enterprise, which introduces a different set of requirements.
Alan Chin and Luciano Resende explain how to introduce Jupyter Enterprise Gateway into new and existing notebook environments to enable a “bring your own notebook” model while simultaneously optimizing resources consumed by the notebook kernels running across managed clusters within the enterprise. Along the way, they detail how to use different frameworks with Enterprise Gateway to meet the needs of data scientists operating within the AI and deep learning ecosystems.
LAS16-200: Firmware summit - Tianocore Progress and StatusLinaro
Title: Tianocore Progress and Status
A brief update on the progress of ARM64 support in EDK2 and OpenPlatformPkg. Also covering the next steps. Followed by a discussion period.
Speaker: Leif Lindholm
Kernel Recipes 2017 - Developing an embedded video application on dual Linux ...Anne Nicolas
Embedded video tends to be an increasing subject in embedded Linux developments. Even if ARM SOCs provide great resources for video treatment with dedicated IPU, GPU …, a dual approach based on FPGA + general purpose processor is an interesting alternative.
In this presentation Christian Charreyre will provide a return of experience of a video acquisition and treatment application developed on a Zynq board, with focus on interactions between the FPGA part and Linux. The presentation will also describe the embedded Linux development choices, based on standard meta-xilinx Yocto layer instead of current solutions using PetaLinux or WindRiver Pulsar.
The typical audience is people interested in embedded Linux solutions using a mixed architecture between a general purpose processor and a specialized co-processor. Attendees will receive informations on the relationships between the Linux environment and the FPGA about hardware description, boot mechanism, necessary customizations of Yocto recipes, and much more.
Christian Charreyre, CIO Systèmes Embarqués
Similar to OpenChain: How to manage OSS licenses for CI/CD development (20)
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
Navigating the Metaverse: A Journey into Virtual Evolution"Donna Lenk
Join us for an exploration of the Metaverse's evolution, where innovation meets imagination. Discover new dimensions of virtual events, engage with thought-provoking discussions, and witness the transformative power of digital realms."
In the ever-evolving landscape of technology, enterprise software development is undergoing a significant transformation. Traditional coding methods are being challenged by innovative no-code solutions, which promise to streamline and democratize the software development process.
This shift is particularly impactful for enterprises, which require robust, scalable, and efficient software to manage their operations. In this article, we will explore the various facets of enterprise software development with no-code solutions, examining their benefits, challenges, and the future potential they hold.
Utilocate offers a comprehensive solution for locate ticket management by automating and streamlining the entire process. By integrating with Geospatial Information Systems (GIS), it provides accurate mapping and visualization of utility locations, enhancing decision-making and reducing the risk of errors. The system's advanced data analytics tools help identify trends, predict potential issues, and optimize resource allocation, making the locate ticket management process smarter and more efficient. Additionally, automated ticket management ensures consistency and reduces human error, while real-time notifications keep all relevant personnel informed and ready to respond promptly.
The system's ability to streamline workflows and automate ticket routing significantly reduces the time taken to process each ticket, making the process faster and more efficient. Mobile access allows field technicians to update ticket information on the go, ensuring that the latest information is always available and accelerating the locate process. Overall, Utilocate not only enhances the efficiency and accuracy of locate ticket management but also improves safety by minimizing the risk of utility damage through precise and timely locates.
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeAftab Hussain
Understanding variable roles in code has been found to be helpful by students
in learning programming -- could variable roles help deep neural models in
performing coding tasks? We do an exploratory study.
- These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
E-commerce Application Development Company.pdfHornet Dynamics
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Mobile App Development Company In Noida | Drona InfotechDrona Infotech
Looking for a reliable mobile app development company in Noida? Look no further than Drona Infotech. We specialize in creating customized apps for your business needs.
Visit Us For : https://www.dronainfotech.com/mobile-application-development/
Mobile App Development Company In Noida | Drona Infotech
OpenChain: How to manage OSS licenses for CI/CD development
1. How to manage OSS licenses for CI/CD
development
Takuma Ueba
Fujitsu Computer Technologies Limited
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
1553ka1
2. whoami
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
I have contributed to the following communities
Linux kernel
U-Boot
Yocto Project
Developer of In-house Embedded Linux Distribution for Fujitsu
Our Distribution is built with Yocto Project
My team-member is maintainer of meta-spdxscanner(Lei Maohui)
and dnf-plugin-tui(Zheng Ruoqin)
Our Distribution is used for 80+ products
IVI
Server System Controller
Storage System
Network equipment etc..
Mainly platform community
1
3. Agenda
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
Why SPDX is needed?
Simple introduction of “meta-spdxscanner”
Case Study (CI/CD development)
Future Work (Current effort)
Finally
The names of products are the product names, trademarks or registered trademarks of the respective companies.
Trademark notices ((R),TM) are not necessarily displayed on system names and product names in this material.
2
4. Why SPDX is needed?
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
Difficult to manage OSS information
in various formats
product vendor
SPDX
OSS package information
lack of information
list
delivery
software A
software B
software C
delivery
delivery
Company A
Company B
Company C
supplier
Missing OSS License Information!?
3
5. Why SPDX is needed?
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
Extracting all license and
copyright information
Centralized format of package
information for easier management
delivery
software A
software B
software C
delivery
delivery
Company A
Company B
Company C
SPDX
OSS package information
SPDX
SPDX
Software Package Data eXchange
®
Standard format for communicating licenses, copyrights, etc. concerning software packages
SPDX is an efficient method to comply with OpenChain.
4
6. Simple introduction of “meta-spdxscanner”
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
Patches come
from 3rd
party
Yocto Project
meta-spdxscanner
SPDX files
openembedded-core
meta-oe
meta-……
OSS source code
・default output: SPDX files (considering OpenChain)
・currently use fossology as a license scanner (but considering change to scancode-toolkit.)
・support for SPDX “Modification” field
Yocto Project is embedded linux distribution build environment and De facto standard in WW.
(e.g. Automotive Grade Linux (AGL), SoC vendor BSP … built with YP)
do_fetch do_spdx do_package・・・do_unpack
Yocto Build process
5
7. Case Study (CI/CD development)
If integration (CI) is performed, new OSS and license will be
added, so it is necessary to clarify the license to deliver.
In CI/CD development, reducing scan time is an theme.
e.g. In Weekly Deploy environment, If it takes several hours,
it does not fit the development cycle.
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
scan time
delivery delivery
scan time
delivery delivery
scan scan
delivery delivery
time
integration integration scan
integration integrationscan
integration integration
6
8. Case Study (CI/CD development)
“meta-spdxscanner” improved performance by reusing
previous scan results.
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
0
50
100
150
200
250
ntp busybox openssl openssh
Spendtime(seconds)
OSS
first
reuse
7
9. Future work (current effort)
Automatically import spdx files from Yocto build process to
SW360 (OSS management tool).
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
meta-spdxscanner
License
scanner
Scan only files with differences.
(Currently, If there are differences in the source file, the entire file is rescanned.)
Automation
Easier license-clearing!
Output only differences to spdx
8
10. Finally
Copyright 2019 FUJITSU COMPUTER TECHNOLOGIES LIMITED
I'd appreciate it if you could give me feedback using
meta-spdxscanner.
github URL: https://github.com/dl9pf/meta-spdxscanner
If you want to know more about meta-spdxscanner,
please ask me.
9