More: [ Ссылка ]

X-Road® is open-source software and ecosystem solution that provides unified and secure data exchange between organisations. X-Road is a digital public good verified by the Digital Public Goods Alliance, and it’s released under the MIT open source license and is available free of charge. X-Road is used as a national data exchange solution in Estonia, Finland, Iceland and many other countries around the world. X-Road utilises many third party open source libraries and components that are licensed under various open source licenses. The dependencies are managed using different package management systems depending on their implementation technologies, e.g., Gradle / Java, NPM / Javascript. Overall, the number of direct dependencies is counted in tens and the number of transitive dependencies is counted in hundreds. The main challenges regarding the open source license compliance are how to meet the requirements of the licenses of different 3rd party components and how to know that they're not conflicting with the main license? Until 2021 the legal qualities of the X-Road’s software packages were validated approximately once year using a project based approach that required a lot of manual work. In summer 2021, the open source compliance was automated to the largest effective extent by taking into use Open Source Review Toolkit (ORT) and integrating it into the development process and CI/CD pipelines. In my talk, I'm going to give an overview of X-Road first. Then, I'm going to discuss the open source compliance automation project, its different phases and deliverables. The main scope of the presentation is to discuss the benefits of open source compliance automation and what should be taken consideration in the process.

###

Follow us on Social Media and join the Community!
Mastodon: [ Ссылка ]
LinkedIn: [ Ссылка ]

Website: [ Ссылка ]
Mail: info@foss-backstage.de

FOSS Backstage is an event by Plain Schwarz – [ Ссылка ]

свернуть