FOSDEM 2023 Fringe event - FOSS license and security compliance tools developers and users workshop - Bruxelles 2023-02-03

FOSDEM Fringe event - Friday February 3rd 2023

FOSS license and security compliance tool developers and users workshop

We are organizing a one day workshop for developers and users of open source compliance tools. This is planned in Brussels just before FOSDEM on Friday February 3rd, 2023. We are inviting anyone interested in open source license and security compliance tools to join.

The goal of this one day event is for open source developers, users and contributors to exchange around tool requirements, plans, and collaboration opportunities.

Which tools is this about? FOSS tools for software provenance detection tools, license detection and compliance tools, code scanning tools, package dependency analysis tools, container analysis tools, SBOM creation and consumption tools, and license or vulnerability databases

Basically all the tools you need to figure out which FOSS code you use, where it is from, what is its license, how to comply with the license, and whether it contains vulnerable code. We organized this workshop last in 2020 (pre-COVID) and there were developers from the ORT, ScanCode, ClearlyDefined, FOSSology, Tern, VulnerableCode, SW360, DoubleOpen and OpenChain projects, and users from the finest organizations, technology and industrial companies worldwide. Whether you are a developer or user interested in the Software Supply Chain and SBOMs, a FOSS license-savvy lawyer, a compliance or security analyst, or an OSPO member: you will be warmly welcomed.

The day will be split in two:

• In the morning, the focus is on tool developers: they will announce and share their plans and we will discuss opportunities for collaboration, sharing and joint projects.    

• In the afternoon, the focus is on tool users: they will share their concerns, problems and requirements and we will discuss opportunities for collaboration and address these in the represented projects.    

Schedule (All times CET (UTC+1)
8:30 Welcome with coffee

9:00 FOSS compliance tool developers, present your plans!
Each open source project presents its plans for releases and upcoming features (we likely already know what your tool does, though a short intro is OK)

11:00 Discuss collaboration opportunities

12:00 Lunch break on-site with a sandwich and drink and then a coffee with fruits.
This is funded by attendees and our generaous sponsors!

13:30 FOSS compliance tool users, give us your requirements!
Each user presents its concerns, problems and requirements

15:30 Discuss collaboration and joint development opportunities
16:30 Workshop conclusion and recap
17:00 Off you go!

We will use flip charts, big post-its and markers to support the presentations and discussions. (There may not be a data projector, so do not plan for it).


Location
The Hotel Bedford
Rue du Midi 135
1000 Bruxelles, Belgium
https://www.hotelbedford.be/

Note this is the same place where the CHAOSS folks have their FOSDEM Fringe event
IMPORTANT: we switched venue because of more than expected attendees signing up!

Join Us
Grab a pass for free or help us with your contribution to fund the conference expenses.
Join us on this chat/IRC channel at https://gitter.im/aboutcode-org/fosdem-2023-foss-tools-day