SPDX Generation via Yocto and the New LID Code License Scanner
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore SPDX generation using Yocto and the new LID code license scanner in this informative conference talk. Gain insights into the advantages of LID and its integration with Yocto, as well as best practices for writing bitbake recipes to optimize license compliance scanning. Learn about the tool's minimal dependencies and its application in producing SPDX files for Dronecode's Snapdragon Flight-based releases. Discover the comparative analysis of LID with existing tools, covering aspects such as coverage, accuracy, and flexibility. Presented by Mark Charlebois, Director Engineering at Qualcomm Technologies Inc. and Dronecode TSC Chair, and Rashmi Chitrakar, Engineering Lead for Qualcomm's Open Source Technology Group, this talk offers valuable knowledge for developers working with open source software and license compliance.
Syllabus
Intro
Agenda
What is SPDX
Existing SPDX class
SPDX Archiver BV class
Limitations
Source Map
Initial Approach
Sourcemap
Nomos
Monk
Goals
Example Output
Comparative Analysis
Coverage
Accuracy
Flexibility
Example Package
Status
LiveMagic
Taught by
Linux Foundation
Tags
Related Courses
SPDX 3.0 Overview - Introduction to Software Package Data ExchangeLinux Foundation via YouTube Software Part Catalog Management for Successful SBOM Creation
Linux Foundation via YouTube Our Journey to Open Source - From a Conservative Japanese Company
Linux Foundation via YouTube SW360 SBOM - Managing Vulnerability Information, SPDX Documents and Dependency Networks
Linux Foundation via YouTube OpenDataology: Fixing Dataset Licensing for AI - A Call to Arms
Linux Foundation via YouTube