SPDX 2.0 includes several new features such as the ability to describe relationships between packages, files, and external SPDX documents. It also allows annotations on any element, supports additional file types and checksum algorithms, and introduces a new license expression syntax. While most fields from SPDX 1.2 remain the same, some sections such as Review Information were replaced with new sections like Annotations.
Your LDAP Directory, such as Active Directory, already knows lots of things about your users, computers, groups, and more. By leveraging that information, we can learn how to automate and integrate your KACE Appliances using your existing infrastructure. Learn more: http://dell.to/1GDYpr8
2014 10-14: GitHub plus FOSS == 1 million SPDXNuno Brito
SPDX is an open format for describing software licenses, contents and ownership. It is a simple text document with great benefits for software governance. But have you ever seen one? Despite being an open standard, there aren't many available to public. Using only Linux, GitHub and F/OSS tools, Nuno and Ben were fuelled to prove that SPDX is also applicable to everyday projects. As result, the first large-scale SPDX Internet archive came to exist. Join this presentation to learn how over 1 million SPDX documents were created using open data in large-scale repositories and how easy it is to create one. From now forward you'll be able to express the licenses in your code automatically and create licensing transparency by yourself.
The performance evaluation roadmap outlines the process for setting goals and receiving feedback over the course of a school year. Key steps include: 1) Identifying strategic priorities and setting 4 performance goals, 3 leadership behaviors, and 2 development goals in August; 2) Meeting with the Head of School to discuss goals and sign off in August and January; 3) Receiving bi-monthly coaching and feedback between September and May; 4) Preparing a mid-year and year-end review to track progress on goals.
The document outlines the Digital Six Sigma DMAIC improvement process which includes defining opportunities, measuring performance, analyzing opportunities, improving performance, and controlling performance. It lists the main activities and key deliverables for each phase such as developing a team charter, process maps, measurement plans, identifying and validating root causes, generating and selecting solutions, and implementing and controlling solutions.
When I was a young engineer, I grew listening to an old software engineer that said too often: "You don't know, what you don't know".As years passed, that strange motto started to make more sense for software development. We send zip files or gits with the code of our products to other people in a professional context, too often without really knowing what kind of third-party code and licenses are inside. In this session we go through simple techniques to clearly list the third-party libraries, code snippets and marking your own software as yours in a standardized manner. So that the next time you share code professionally, it is easy for others to understand the applicable licenses and copyrights within.
1) The document discusses challenges with managing open source license compliance across complex supply chains, where license information is created and shared in different formats with unpredictable quality.
2) It proposes using the SPDX standard format for license bills of materials to help standardize license data sharing. Establishing a community of trusted suppliers who contribute high quality license data created using consistent processes could further improve efficiency.
3) The document also considers approaches like having license data managed independently by a third party and provided as a service to ensure license compliance is built into the supply chain.
Your LDAP Directory, such as Active Directory, already knows lots of things about your users, computers, groups, and more. By leveraging that information, we can learn how to automate and integrate your KACE Appliances using your existing infrastructure. Learn more: http://dell.to/1GDYpr8
2014 10-14: GitHub plus FOSS == 1 million SPDXNuno Brito
SPDX is an open format for describing software licenses, contents and ownership. It is a simple text document with great benefits for software governance. But have you ever seen one? Despite being an open standard, there aren't many available to public. Using only Linux, GitHub and F/OSS tools, Nuno and Ben were fuelled to prove that SPDX is also applicable to everyday projects. As result, the first large-scale SPDX Internet archive came to exist. Join this presentation to learn how over 1 million SPDX documents were created using open data in large-scale repositories and how easy it is to create one. From now forward you'll be able to express the licenses in your code automatically and create licensing transparency by yourself.
The performance evaluation roadmap outlines the process for setting goals and receiving feedback over the course of a school year. Key steps include: 1) Identifying strategic priorities and setting 4 performance goals, 3 leadership behaviors, and 2 development goals in August; 2) Meeting with the Head of School to discuss goals and sign off in August and January; 3) Receiving bi-monthly coaching and feedback between September and May; 4) Preparing a mid-year and year-end review to track progress on goals.
The document outlines the Digital Six Sigma DMAIC improvement process which includes defining opportunities, measuring performance, analyzing opportunities, improving performance, and controlling performance. It lists the main activities and key deliverables for each phase such as developing a team charter, process maps, measurement plans, identifying and validating root causes, generating and selecting solutions, and implementing and controlling solutions.
When I was a young engineer, I grew listening to an old software engineer that said too often: "You don't know, what you don't know".As years passed, that strange motto started to make more sense for software development. We send zip files or gits with the code of our products to other people in a professional context, too often without really knowing what kind of third-party code and licenses are inside. In this session we go through simple techniques to clearly list the third-party libraries, code snippets and marking your own software as yours in a standardized manner. So that the next time you share code professionally, it is easy for others to understand the applicable licenses and copyrights within.
1) The document discusses challenges with managing open source license compliance across complex supply chains, where license information is created and shared in different formats with unpredictable quality.
2) It proposes using the SPDX standard format for license bills of materials to help standardize license data sharing. Establishing a community of trusted suppliers who contribute high quality license data created using consistent processes could further improve efficiency.
3) The document also considers approaches like having license data managed independently by a third party and provided as a service to ensure license compliance is built into the supply chain.
A speech at the Open Source Leadership Summit 2017 by Jilayne Lovejoy, Principal Open Source Counsel, ARM.
"We’ve come a long way, but ...Open source license compliance is still a challenge." So what do we do next? "We can ease the pain... via collaborative efforts in open source compliance."
RDA & serials-transitioning to rda within a marc 21 frameworkNASIG
RDA & Serials Transitioning to RDA within a MARC 21 Framework provides an overview of cataloging serials according to RDA. It discusses identifying RDA records, RDA terminology compared to AACR2, transcribed versus recorded elements, and preferred sources of information. Getting started with RDA serial cataloging involves determining if the resource is a serial based on its mode of issuance, choosing the appropriate issue to use as the basis for description, and identifying preferred sources of information within that issue.
OpenChain Webinar #50 - An Overview of SPDX 3.0Shane Coughlan
SPDX 3.0 aims to increase modularity and interoperability by defining core, software, licensing, security, build, AI, and dataset profiles. The core model contains common elements, while profiles add additional elements and properties specific to their domain. Future work includes profiles for hardware and supporting automation for safety standards compliance. The build profile aims to capture build information for reproducibility, auditing, and safety. The AI profile proposes additional properties for AI components, datasets, and applications. SPDX 3.1 may include a safety profile to link safety artifacts and enable detection of retesting needs due to file updates.
Managing Open Source Software Supply ChainsnexB Inc.
Heather Meeker and Michael Herzog discuss the latest trends in open source compliance for supply chain activities: the key legal issues for supply chain management as well as the latest automation tools and projects for open source management.
Agenda
• Legal issues for supply chain management
• Best practices to avoid claims and reduce risk
• Latest automation tools and projects for open source compliance management
RDA & serials-transitioning to rda within a marc 21 framework-handoutNASIG
Over the past two years, CONSER has been developing documentation and "bridge" training material as RDA cataloging policies and best practices evolve. By June 2013, post RDA implementation guidelines from the PCC should be in place and ready for practical implementation.
The workshop will provide basic instructions for RDA serials cataloging based on the most up to date PCC and CONSER RDA decisions and practices. The presenters will incorporate in-class, hands-on exercises to engage participants in active learning. Prior to the workshop, attendees will be expected to complete prerequisite self study training modules on FRBR Fundamental Concepts and the RDA Toolkit. Also prior to the workshop attendees may participate in an online follow-up session on the prerequisite materials to complement the in-class training component.
This workshop is aimed at experienced AACR2 catalogers making the transition to RDA.
In this webinar, nexB co-founder and CTO Philippe Ombredanne introduces ScanCode.io, and explains the challenges of scanning Docker images for provenance analysis. Philippe then demonstrates how to use ScanCode.io for Software Composition Analysis (SCA) with Docker images.
ScanCode is the most effective and efficient open source tool for SCA, used and trusted by most of the major tech companies. With ScanCode.io, you can analyze a complete container or VM image, a specific single application package, or a customized pipeline.
ScanCode is 100% open source under Apache 2.0 and other business-friendly licenses, and supports all programming languages and environments.
Ready to get started with ScanCode?
Download at https://nexb.github.io/scancode.io-homepage/
Learn more about ScanCode at https://nexb.com/scancode
How to Manage Open Source requirements with AboutCodenexB Inc.
Presentation from nexB Inc. by Dennis Clark, Product Manager, and Pierre Lapointe, Customer Care Manager.
Attendees discovered how to manage open source (and third-party) software license requirements in their products with AboutCode, nexB's open source project available on GitHub.
The presentation included:
- How to document provenance (origin and license) and other important information about software components inside a codebase,
- How to automate OSS Attribution Notice generation.
More information on http://www.aboutcode.org/.
Operating System Practice : Meeting 4 - operasi file dan struktur direktori-s...Syaiful Ahdan
This document discusses file operations and directory structure in Linux operating systems. It describes the hierarchical tree structure of the Linux file system with the root directory at the top. It also defines standard directories like /bin, /etc, and /home and explains directory descriptions. The document outlines file types, properties, naming conventions, and symbolic links. It provides examples of commands to view file contents and search files.
While other domains like construction, mechanical engineering, or even computer hardware have long used the concept of Bill of Materials (BOMs), software traditionally has not followed this best practice. There have been efforts running for over a decade to address this, and recent developments have pushed forward the use and wide adoption of Software BOMs.
ISO/IEC 5962:2021 is the Software Package Data Exchange (SPDX) specification that defines a standard way of communicating information about software components. It includes, but is not limited to, metadata such as name and version but also licensing or security information.
In this talk, we will present the concepts of SBOMs, explain the real-world requirements met in areas like security and compliance, and describe the basic elements defined in SPDX
LOD2 plenary meeting in Paris: presentation of WP6: State of Play: LOD2 Stack Architecture, by Bert Van Nuffelen, Kurt De Muelenaere, Bastiaan Deblieck - TenForce.
Demo presented at 16th International Symposium on Electronic Theses and Dissertations ETD 2013 organized by Hongkong University Libraries, Hong Kong between 22nd September to 26th September.http://lib.hku.hk/etd2013/programme.html#23
DISCO is a customizable Internet-based ETL system that extracts and populates data into relational databases, manages data workflows, integrates with version control systems, and allows ontological annotations. It uses XML templates to extract and transform data from different sources and formats into a DISCO database, with tools to assist in creating scripts and documentation available online.
DSpace is an open source digital repository software package typically used to create open access repositories for scholarly content. It can store any digital media type and is optimized for text-based files. DSpace uses a Java platform with a PostgreSQL or Oracle database and has features like full-text search, persistent identifiers, and the ability to handle any file type. The community development model is open source under a BSD license.
Software Bill of Materials (SBOMs) are rapidly becoming increasingly important in the software supply chain. Software Package Data Exchange (SPDX) is a freely available ISO standard that defines the way of communicating information about software components. It includes, but is not limited to, metadata such as name and version, but also licensing and security information.
In this talk, we will present the latest updates from the ever-changing landscape of SBOMs and SPDX, focusing in real-world use cases. Familiarity with the concepts will not be assumed, as they will be briefly explained.
The document discusses various documentation tools and formats for PHP projects including phpDocumentor, DoxyGen, DocBook, and reStructuredText (reST). It provides an overview of each tool's features and capabilities for generating API documentation, tutorials, and other documentation from source code comments and files. The document aims to help developers choose the best documentation approach for their specific projects and needs.
Introduction to Digital Humanities: Metadata standards and ontologies LIBIS
Metadata standards and ontologies are important for digital humanities research. Key points from the document include:
- Standards help ensure consistency, reliability, and interoperability. They are developed through an open process involving interested parties.
- The standards landscape includes formats, technical protocols, descriptive standards for libraries, archives, and museums. Dublin Core is commonly used for discovery.
- Ontologies provide rules for describing context and relationships through semantic web technologies like RDF. They help link and integrate data.
- Standards and ontologies in digital cultural heritage include BIBFRAME, CIDOC-CRM, SKOS, and others to represent information for discovery, interpretation, and reuse.
This document discusses using RELAX NG for defining DITA document type shells and modules. It provides an overview of RELAX NG and how it is a good match for DITA requirements. It demonstrates how to create a RELAX NG shell that includes vocabulary and constraint modules to define a DITA document type, and how the RELAX NG files can be converted to generate conforming DTD and XSD shells and modules.
Managing Software Inventories & Automating Open Source Software CompliancenexB Inc.
Stephen Gillespie of Fenwick & West and Michael Herzog of nexB review the most common open source license obligations, highlight the challenges of fast paced component-based software development from a compliance angle and what you can do to better monitor this in your software inventories.
E-commerce Development Services- Hornet DynamicsHornet Dynamics
For any business hoping to succeed in the digital age, having a strong online presence is crucial. We offer Ecommerce Development Services that are customized according to your business requirements and client preferences, enabling you to create a dynamic, safe, and user-friendly online store.
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
A speech at the Open Source Leadership Summit 2017 by Jilayne Lovejoy, Principal Open Source Counsel, ARM.
"We’ve come a long way, but ...Open source license compliance is still a challenge." So what do we do next? "We can ease the pain... via collaborative efforts in open source compliance."
RDA & serials-transitioning to rda within a marc 21 frameworkNASIG
RDA & Serials Transitioning to RDA within a MARC 21 Framework provides an overview of cataloging serials according to RDA. It discusses identifying RDA records, RDA terminology compared to AACR2, transcribed versus recorded elements, and preferred sources of information. Getting started with RDA serial cataloging involves determining if the resource is a serial based on its mode of issuance, choosing the appropriate issue to use as the basis for description, and identifying preferred sources of information within that issue.
OpenChain Webinar #50 - An Overview of SPDX 3.0Shane Coughlan
SPDX 3.0 aims to increase modularity and interoperability by defining core, software, licensing, security, build, AI, and dataset profiles. The core model contains common elements, while profiles add additional elements and properties specific to their domain. Future work includes profiles for hardware and supporting automation for safety standards compliance. The build profile aims to capture build information for reproducibility, auditing, and safety. The AI profile proposes additional properties for AI components, datasets, and applications. SPDX 3.1 may include a safety profile to link safety artifacts and enable detection of retesting needs due to file updates.
Managing Open Source Software Supply ChainsnexB Inc.
Heather Meeker and Michael Herzog discuss the latest trends in open source compliance for supply chain activities: the key legal issues for supply chain management as well as the latest automation tools and projects for open source management.
Agenda
• Legal issues for supply chain management
• Best practices to avoid claims and reduce risk
• Latest automation tools and projects for open source compliance management
RDA & serials-transitioning to rda within a marc 21 framework-handoutNASIG
Over the past two years, CONSER has been developing documentation and "bridge" training material as RDA cataloging policies and best practices evolve. By June 2013, post RDA implementation guidelines from the PCC should be in place and ready for practical implementation.
The workshop will provide basic instructions for RDA serials cataloging based on the most up to date PCC and CONSER RDA decisions and practices. The presenters will incorporate in-class, hands-on exercises to engage participants in active learning. Prior to the workshop, attendees will be expected to complete prerequisite self study training modules on FRBR Fundamental Concepts and the RDA Toolkit. Also prior to the workshop attendees may participate in an online follow-up session on the prerequisite materials to complement the in-class training component.
This workshop is aimed at experienced AACR2 catalogers making the transition to RDA.
In this webinar, nexB co-founder and CTO Philippe Ombredanne introduces ScanCode.io, and explains the challenges of scanning Docker images for provenance analysis. Philippe then demonstrates how to use ScanCode.io for Software Composition Analysis (SCA) with Docker images.
ScanCode is the most effective and efficient open source tool for SCA, used and trusted by most of the major tech companies. With ScanCode.io, you can analyze a complete container or VM image, a specific single application package, or a customized pipeline.
ScanCode is 100% open source under Apache 2.0 and other business-friendly licenses, and supports all programming languages and environments.
Ready to get started with ScanCode?
Download at https://nexb.github.io/scancode.io-homepage/
Learn more about ScanCode at https://nexb.com/scancode
How to Manage Open Source requirements with AboutCodenexB Inc.
Presentation from nexB Inc. by Dennis Clark, Product Manager, and Pierre Lapointe, Customer Care Manager.
Attendees discovered how to manage open source (and third-party) software license requirements in their products with AboutCode, nexB's open source project available on GitHub.
The presentation included:
- How to document provenance (origin and license) and other important information about software components inside a codebase,
- How to automate OSS Attribution Notice generation.
More information on http://www.aboutcode.org/.
Operating System Practice : Meeting 4 - operasi file dan struktur direktori-s...Syaiful Ahdan
This document discusses file operations and directory structure in Linux operating systems. It describes the hierarchical tree structure of the Linux file system with the root directory at the top. It also defines standard directories like /bin, /etc, and /home and explains directory descriptions. The document outlines file types, properties, naming conventions, and symbolic links. It provides examples of commands to view file contents and search files.
While other domains like construction, mechanical engineering, or even computer hardware have long used the concept of Bill of Materials (BOMs), software traditionally has not followed this best practice. There have been efforts running for over a decade to address this, and recent developments have pushed forward the use and wide adoption of Software BOMs.
ISO/IEC 5962:2021 is the Software Package Data Exchange (SPDX) specification that defines a standard way of communicating information about software components. It includes, but is not limited to, metadata such as name and version but also licensing or security information.
In this talk, we will present the concepts of SBOMs, explain the real-world requirements met in areas like security and compliance, and describe the basic elements defined in SPDX
LOD2 plenary meeting in Paris: presentation of WP6: State of Play: LOD2 Stack Architecture, by Bert Van Nuffelen, Kurt De Muelenaere, Bastiaan Deblieck - TenForce.
Demo presented at 16th International Symposium on Electronic Theses and Dissertations ETD 2013 organized by Hongkong University Libraries, Hong Kong between 22nd September to 26th September.http://lib.hku.hk/etd2013/programme.html#23
DISCO is a customizable Internet-based ETL system that extracts and populates data into relational databases, manages data workflows, integrates with version control systems, and allows ontological annotations. It uses XML templates to extract and transform data from different sources and formats into a DISCO database, with tools to assist in creating scripts and documentation available online.
DSpace is an open source digital repository software package typically used to create open access repositories for scholarly content. It can store any digital media type and is optimized for text-based files. DSpace uses a Java platform with a PostgreSQL or Oracle database and has features like full-text search, persistent identifiers, and the ability to handle any file type. The community development model is open source under a BSD license.
Software Bill of Materials (SBOMs) are rapidly becoming increasingly important in the software supply chain. Software Package Data Exchange (SPDX) is a freely available ISO standard that defines the way of communicating information about software components. It includes, but is not limited to, metadata such as name and version, but also licensing and security information.
In this talk, we will present the latest updates from the ever-changing landscape of SBOMs and SPDX, focusing in real-world use cases. Familiarity with the concepts will not be assumed, as they will be briefly explained.
The document discusses various documentation tools and formats for PHP projects including phpDocumentor, DoxyGen, DocBook, and reStructuredText (reST). It provides an overview of each tool's features and capabilities for generating API documentation, tutorials, and other documentation from source code comments and files. The document aims to help developers choose the best documentation approach for their specific projects and needs.
Introduction to Digital Humanities: Metadata standards and ontologies LIBIS
Metadata standards and ontologies are important for digital humanities research. Key points from the document include:
- Standards help ensure consistency, reliability, and interoperability. They are developed through an open process involving interested parties.
- The standards landscape includes formats, technical protocols, descriptive standards for libraries, archives, and museums. Dublin Core is commonly used for discovery.
- Ontologies provide rules for describing context and relationships through semantic web technologies like RDF. They help link and integrate data.
- Standards and ontologies in digital cultural heritage include BIBFRAME, CIDOC-CRM, SKOS, and others to represent information for discovery, interpretation, and reuse.
This document discusses using RELAX NG for defining DITA document type shells and modules. It provides an overview of RELAX NG and how it is a good match for DITA requirements. It demonstrates how to create a RELAX NG shell that includes vocabulary and constraint modules to define a DITA document type, and how the RELAX NG files can be converted to generate conforming DTD and XSD shells and modules.
Managing Software Inventories & Automating Open Source Software CompliancenexB Inc.
Stephen Gillespie of Fenwick & West and Michael Herzog of nexB review the most common open source license obligations, highlight the challenges of fast paced component-based software development from a compliance angle and what you can do to better monitor this in your software inventories.
E-commerce Development Services- Hornet DynamicsHornet Dynamics
For any business hoping to succeed in the digital age, having a strong online presence is crucial. We offer Ecommerce Development Services that are customized according to your business requirements and client preferences, enabling you to create a dynamic, safe, and user-friendly online store.
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
OpenMetadata Community Meeting - 5th June 2024OpenMetadata
The OpenMetadata Community Meeting was held on June 5th, 2024. In this meeting, we discussed about the data quality capabilities that are integrated with the Incident Manager, providing a complete solution to handle your data observability needs. Watch the end-to-end demo of the data quality features.
* How to run your own data quality framework
* What is the performance impact of running data quality frameworks
* How to run the test cases in your own ETL pipelines
* How the Incident Manager is integrated
* Get notified with alerts when test cases fail
Watch the meeting recording here - https://www.youtube.com/watch?v=UbNOje0kf6E
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Flutter is a popular open source, cross-platform framework developed by Google. In this webinar we'll explore Flutter and its architecture, delve into the Flutter Embedder and Flutter’s Dart language, discover how to leverage Flutter for embedded device development, learn about Automotive Grade Linux (AGL) and its consortium and understand the rationale behind AGL's choice of Flutter for next-gen IVI systems. Don’t miss this opportunity to discover whether Flutter is right for your project.
Graspan: A Big Data System for Big Code AnalysisAftab Hussain
We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs.
We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations.
These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18.
- Accepted in ASPLOS ‘17, Xi’an, China.
- Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17.
- Invited for presentation at SoCal PLS ‘16.
- Invited for poster presentation at PLDI SRC ‘16.
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdfVALiNTRY360
Salesforce Healthcare CRM, implemented by VALiNTRY360, revolutionizes patient management by enhancing patient engagement, streamlining administrative processes, and improving care coordination. Its advanced analytics, robust security, and seamless integration with telehealth services ensure that healthcare providers can deliver personalized, efficient, and secure patient care. By automating routine tasks and providing actionable insights, Salesforce Healthcare CRM enables healthcare providers to focus on delivering high-quality care, leading to better patient outcomes and higher satisfaction. VALiNTRY360's expertise ensures a tailored solution that meets the unique needs of any healthcare practice, from small clinics to large hospital systems.
For more info visit us https://valintry360.com/solutions/health-life-sciences
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Łukasz Chruściel
No one wants their application to drag like a car stuck in the slow lane! Yet it’s all too common to encounter bumpy, pothole-filled solutions that slow the speed of any application. Symfony apps are not an exception.
In this talk, I will take you for a spin around the performance racetrack. We’ll explore common pitfalls - those hidden potholes on your application that can cause unexpected slowdowns. Learn how to spot these performance bumps early, and more importantly, how to navigate around them to keep your application running at top speed.
We will focus in particular on tuning your engine at the application level, making the right adjustments to ensure that your system responds like a well-oiled, high-performance race car.
SMS API Integration in Saudi Arabia| Best SMS API ServiceYara Milbes
Discover the benefits and implementation of SMS API integration in the UAE and Middle East. This comprehensive guide covers the importance of SMS messaging APIs, the advantages of bulk SMS APIs, and real-world case studies. Learn how CEQUENS, a leader in communication solutions, can help your business enhance customer engagement and streamline operations with innovative CPaaS, reliable SMS APIs, and omnichannel solutions, including WhatsApp Business. Perfect for businesses seeking to optimize their communication strategies in the digital age.
How Can Hiring A Mobile App Development Company Help Your Business Grow?ToXSL Technologies
ToXSL Technologies is an award-winning Mobile App Development Company in Dubai that helps businesses reshape their digital possibilities with custom app services. As a top app development company in Dubai, we offer highly engaging iOS & Android app solutions. https://rb.gy/necdnt
What is Master Data Management by PiLog Groupaymanquadri279
PiLog Group's Master Data Record Manager (MDRM) is a sophisticated enterprise solution designed to ensure data accuracy, consistency, and governance across various business functions. MDRM integrates advanced data management technologies to cleanse, classify, and standardize master data, thereby enhancing data quality and operational efficiency.
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsPeter Muessig
The UI5 tooling is the development and build tooling of UI5. It is built in a modular and extensible way so that it can be easily extended by your needs. This session will showcase various tooling extensions which can boost your development experience by far so that you can really work offline, transpile your code in your project to use even newer versions of EcmaScript (than 2022 which is supported right now by the UI5 tooling), consume any npm package of your choice in your project, using different kind of proxies, and even stitching UI5 projects during development together to mimic your target environment.
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
Transform Your Communication with Cloud-Based IVR SolutionsTheSMSPoint
Discover the power of Cloud-Based IVR Solutions to streamline communication processes. Embrace scalability and cost-efficiency while enhancing customer experiences with features like automated call routing and voice recognition. Accessible from anywhere, these solutions integrate seamlessly with existing systems, providing real-time analytics for continuous improvement. Revolutionize your communication strategy today with Cloud-Based IVR Solutions. Learn more at: https://thesmspoint.com/channel/cloud-telephony
2. 2
SPDX® 2.0 - what’s new?
▪ Multiple packages can now be described in a single SPDX document.
▪ Relationships between packages, files, and external SPDX documents,
can now be described.
▪ Annotations can be provided on any specific element in an SPDX
document.
▪ Additional file types & checksum algorithms are now supported.
▪ Download location information has been expanded.
▪ A new license expression syntax has been introduced with improved
license matching guidelines.
▪ License exceptions are separate section in license list.
3. 3
SPDX® 2.0 - what’s changed from 1.2?
▪ Review Information section replaced by Annotations.
▪ now able to provide specific information on file, package
or document level.
▪ Document and Creation Information sections merged into a
single section.
▪ all fields from 1.2 remain, just regrouped, and some
additional ones added.
4. 4
SPDX® 2.0 - what’s the same as 1.2?
▪ Most of it!
▪ Approx 90% of the fields are basically the same as in 1.2 (42/46).
▪ The 4 deprecated fields have been replaced with more generalized support.
▪ Still can refer to licenses not on SPDX License List
▪ more licenses added to SPDX License List (from Fedora “good” list).
▪ Same basic file formats supported
▪ Tag:Value
▪ RDF/XML
▪ translation to spreadsheets
5. 5
Package Information
The SPDX Document
SPDX v1.2 File SPDX v2.0 File
Creation Information
Package Information
Other Licensing Information
Other Licensing Information
Other Licensing Information
File Information
Other Licensing Information
Review Information
Document Creation Information
Package Information
Other Licensing InformationOther Licensing Information
Other Licensing InformationFile Information
Other Licensing Information
Annotations
Other Licensing InformationRelationships
6. 6
Document and Creation Information
▪ SPDX Version (used in creation of SPDX file)
▪ Licensing of meta data
▪ SPDX Identifier for the document itself
▪ Name of this Document
▪ SPDX Document Namespace (URI)
▪ External SPDX Doc References
▪ License List Version
▪ Creator (how was the file created)
▪ Manual review (who, when)
▪ Tool (id, version, when)
▪ When was it created
▪ Comments on creator and document itself
7. 7
Package Information
▪ Identification
▪ Formal Name of Package (Full name given by originator and version information)
▪ SPDX Identifier (unique ID for referencing from elsewhere)
▪ Package File Name (Name package obtained under (.tar, .rpm, etc.))
▪ Package Supplier and Originator
▪ Package Download Location (download URL and repository information )
▪ Package Verification Code and Checksum (SHA1, MD5, SHA256)
▪ Package Homepage and Source Information
▪ Licensing for Package
▪ Declared License- License(s) that has/have been asserted for the package
▪ Concluded License- License that Creator has concluded
▪ List of file licenses
▪ Comments Field (for example, to explain conclusion)
▪ Copyright Text
▪ Description of Package (summary and detailed options) and comments about the package
8. 8
File Information
▪ Identification
▪ File Name
▪ SPDX Identifier (for referencing from elsewhere)
▪ File Type (source, binary, archive,application,audio,image,text,video,documentation,spdx)
▪ Artifact of Project Name, Homepage & URI (project it came from)
▪ File Checksum (SHA1, MD5, SHA256)
▪ Licensing for File
▪ Concluded License (license determined by SPDX file creator)
▪ License Information in File
▪ Comments on License
▪ Copyright Text
▪ File Notices
▪ File Contributor
▪ File Dependencies
▪ File Comments
9. 9
Other Licensing Information
Provides a way to identify licenses not on the SPDX License List
▪ Identifier Assigned (unique short form to this document)
▪ Extracted Text
▪ Name of License
▪ Cross References
▪ Comments
10. 10
Relationships
▪ Each SPDX Document has a
unique identifier
▪ Elements within a document
have an identifier unique to
the SPDX document (e.g.
Document itself, Package,
File & License)
▪ Elements in external
documents are referenced
using the external document
ID followed by the local
unique reference.
SPDX Document A
….
SPDXRef-DOCUMENT…
…
File Name: ./abc/def
SPDXID: SPDXRef-201
…
SPDX Document B
….
ExternalDocumentRef: DocumentRef-A …
…
...
... DocumentRef-A:SPDXRef-DOCUMENT…
...
… DocumentRef-A:SPDXRef-201...
…
12. 12
Annotations
▪ Annotation allows for comments on any SPDX file, package
or document.
▪ Annotations can provide a changelog for any changes made
to that file, package, or document (as appropriate).
▪ Annotations contain:
▪ annotator (the person, company, or tool which provided the annotation)
▪ date the annotation made
▪ type of annotation (review or other)
▪ SPDX identifier reference (element the annotation refers to)
▪ comments
13. 13
Matching Guidelines and templates
▪ License Matching Guidelines
▪ For matching licenses and license exceptions against those included on the
SPDX License List
▪ http://spdx.org/spdx-license-list/matching-guidelines
▪ License templates
▪ Denotes text which is omittable or replaceable per the license matching
guidelines
▪ Markup included in .txt files http://git.spdx.org/?p=license-list.git;a=summary
and (will be) illustrated via colored text on spdx.org/licenses HTML pages
14. 14
License Expression Syntax
▪ Enabling more complex licensing scenarios using operators:
+ WITH AND OR
▪ Licenses with “or later” option: were listed as separate licenses; now can
use + operator
▪ License exceptions: were listed as separate licenses; now on a separate
list, enabling more combinations using WITH operator
▪ As a result, some licenses were deprecated (will be denoted on SPDX
License List and maintained for compatibility purposes)
▪ AND for conjunctive license sets; OR for disjunctive license sets
▪ Can be used with ( ) to create more complex expressions
▪ License Expression Syntax is located in Appendix to spec
15. 15
SPDX® 2.0 - Model Overview
▪ Result of merging two model proposal
▪ Designed to support all of the proposed use cases for 2.0
(and then some)
▪ Contains several new “abstractions” to allow for future
extensions
▪ Available in the spec and at http://wiki.spdx.
org/view/Technical_Team/Model_2_0
16. 16
RDF Overview
▪ What?
▪ Resource Description Framework - standard for
encoding data for the Semantic Web
▪ Why?
▪ Precise
▪ Widely adopted
▪ Web based standard
▪ Support for “reasoning”
17. 17
SPDX 2.0 RDF Changes
▪ Additional classes and properties to match the SPDX
2.0 model
▪ Use of the SPDX document namespace to uniquely
identify all SPDX elements in the document
▪ All documents will have a unique URI for a
namespace
▪ All elements will have a URI with the namespace +
#ElmentID
18. 18
RDF and Tag:Value
▪ Tools to translate both ways
▪ Common names for “most” of the properties
▪ Exceptions for enumeration values which must be
unique in RDF (e.g. annotationType_review =
REVIEW)
▪ Document Namespace tag key to URI
19. 19
Notes for Implementers
▪ Careful of the Infinite Recursion of Relationships
▪ External Document References key to building URI’s for
external documents
▪ Leverage existing implementations (git.linuxfoundation.org)
▪ The RDF schema can be found at http://spdx.
org/rdf/ontology/spdx-2-0-rev-11/
20. 20
How to Provide Feedback
▪ Add a Comment or Question on the draft working document:
▪ use this for typos/format errors/etc.
▪ Open a bug on the SPDX spec
▪ https://bugs.linuxfoundation.org/enter_bug.cgi?product=spdx
▪ use this for issues that might be showstoppers and things to consider for the next
release. Set the target release to 2.0. We review these weekly.
▪ Send email to spdx-legal mail list
▪ https://lists.spdx.org/mailman/listinfo/spdx-legal
▪ use this for queries about the licenses or issues related to the SPDX License List.
▪ Send email to spdx-tech mail list
▪ https://lists.spdx.org/mailman/listinfo/spdx-tech
▪ use this for general queries about the spec that don’t fit into the other channels.
29. 29
Relationship Use Cases
Binary only delivery
• SPDX for the binary points to SPDX
doc for the code used to build it
(generatedFrom)
• SPDX for the binary points to SPDX
doc for a library it links with at run
time (dynamicLink)
Binary
SPDX
Source
SPDX
dynamicLink Library
SPDX
generatedFrom
30. 30
More precise
description of the
“bits”
• Instead of a single SPDX file
with “the kitchen sink” or
multiple ones that must have a
document to say what they are,
we can now be more precise
and have the docs refer to
themselves
Application
SPDX
Source
SPDX
(License:
BSD-3-
Clause)
Binary
SPDX
(License:
BSD-3-
Clause)
Documents
SPDX
(License: CC-
BY-3.0)
describes
generatedFrom
Test Sftw
SPDX
(License:
MIT)
testCaseOf
Relationship Use Cases
31. 31
Supply Chains
• Changes can be tracked as software
moves through a supply chain
• Entity A gives a library, libA, to Entity B
• Entity B makes changes to libA and
describes those changes with a new
SPDX doc that refers to the original
one.
libA
SPDX
Entity A
Entity B
descendantOf
fileAdded
fileModified
fileRemoved
New libA
SPDX
Relationship Use Cases
Package to Package
relationship
File to Package
relationship
32. 32
Resources for SPDX®
▪ Open Source Tools (hosted on SPDX Git Repo)
▪ Viewer
▪ Spreadsheet to RDF/Tag Value xlator
▪ RDF/Tag Value to Spreadsheet xlator
▪ License file generator (from Spreadsheet)
▪ Spreadsheet template
▪ FOSSology via University of Nebraska Omaha
▪ Commercial Tools
▪ Scanning tools to provide SPDX® support
▪ http://spdx.org/
33. 33
Getting involved…
▪ See:
▪ http://www.spdx.org
▪ Mailing lists, meetings, wiki
▪ Contact:
▪ Phil Odence (Chair) - podence@blackducksoftware.com
▪ Kate Stewart (Tech Team Chair) - stewart@linux.com
▪ Gary O’Neal (Tools Lead) - gary@sourceauditor.com
▪ Jilayne Lovejoy (Legal Team Co-Chair) - opensource@jilayne.com
▪ Paul Maddick, (Legal Team Co-Chair) - paul.madick@hp.com
▪ Jack Manbeck (Business Team Co-Chair) - j-manbeck2@ti.com
▪ Mikael Söderberg (Business Team Co-Chair) - mikael.soderberg@pelagicore.com