Vancouver, BC, Canada
August 27 & 28 - Co-Located Events, Tutorials, Labs & Lightning Talks
August 29-31 - Conference
Click Here For Information & Registration
Back To Schedule
Friday, August 31 • 4:50pm - 5:30pm
SPDX: The Lingua Franca of Open Source Governance - Gary O'Neall, Source Auditor Inc. & Tim Mackey, Black Duck Software

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Chances are, every component in your application has a license or uses a copyright with implied restrictions. Thus, every component you use imposes a burden on your users. Have you clearly communicated to your users what burden is? What if your project is used as a component in another application? Do your licensing obligations get lost in translation? SPDX is the language enabling all producers and consumers of open source to communicate and to know their components and obligations. In this talk, we’ll look at real-life cases of license (mis-)management. We’ll discuss how, with a few simple steps, developers can clearly communicate license information and reduce license risk for their users and how, with some open-source tools, SPDX can empower you to be in control of your licensing risks.


Tim Mackey

Technical Evangelist, Synopsys
avatar for Gary O'Neall

Gary O'Neall

CEO, Source Auditor
Gary O’Neall is a contributor to the Software Package Data Exchange® (SPDX™) - a standard format for communicating the components, licenses and copyrights associated with a software package. He has contributed several open source tools which can be found at http://spdx.org/s... Read More →

Friday August 31, 2018 4:50pm - 5:30pm PDT
Room 212