Open Source Friday - [ScanCode] - [MM-DD-YYYY] #173
Description
Name
Philippe Ombredanne
GitHub Handle
Tell us about yourself
I am a FOSS hacker passionate about enabling easier and safer reuse of open source code. I am the lead maintainer of the AboutCode stack of open source tools for software composition analysis for security and license compliance, including the industry-leading ScanCode, DejaCode, PurlDB, Package-URL, and VulnerableCode. I contribute to several other open source projects, including CycloneDX, SPDX, ClearlyDefined, ORT, and several Python tools, and more modestly to linux and strace. I am also co-founding the AboutCode Foundation, a new non-profit association for the benefit of public, to sustain these open source tools, open data, and open standards we maintain.
Project Name
ScanCode
Project Repo Link
https://github.com/aboutcode-org/scancode.io
Stream Date
- Yes
- Not yet
Dates
No response
Twitter URL
No response
LinkedIn URL
https://www.linkedin.com/in/philippeombredanne/
Additional Information
I'd like to talk about ScanCode and Package-URL (PURL), and how small projects can have a massive ecosystem-wide impact. For instance how PURL started to solve a small problem in ScanCode and VulnerableCode and grew into the standard to reference packages in SBOMs, VEX and the emerging software supply chains, including making its way in the CVE schema and many security-related tools.