About This Webinar:
A special panel on Containers and Compliance from the OpenChain Project hosted by Chris Wood, Chair of Specification. This panel will feature Caren Kresse, Heather Meeker, Mary Hardy and Till Jaeger.
More Details:
Join Chris and a panel of experts for an informal chat exploring the key challenges in achieving comprehensive license compliance within containerised environments. This discussion will cover three critical areas:
(1) Package Manager Transparency: The current products of several key package managers do not contain sufficient information to achieve true license compliance as many only reveal the top-level license. More often than not they fail to provide the necessary information (source code and SBOMs) for a comprehensive license assessment. Increased transparency and standardization in this area are crucial.
(2) Another cause lies with the design limitations of License Scanners: While license scanners are improving, many still lack the capability to deeply analyze binaries, resulting in incomplete and therefore inaccurate license compliance reports. The development of more robust and sophisticated scanning technologies is essential to address this gap.
(3) A need for improved developer awareness of container license and copyright information to help the community to achieve a comprehensive container license compliance process is necessary to achieve a shift in developer practices. A greater understanding of open source licensing and the importance of proper metadata Management is essential, as we are already doing through the OpenChain education and specifications work groups.
