Brussels / 3 & 4 February 2018


Philippe Ombredanne

Photo of Philippe Ombredanne

I am on a mission to make it easier and safer to reuse FLOSS code. I am a passionate FLOSS hacker.

I co-maintain ScanCode and other related open source tools for open source discovery, analysis & compliance at including TraceCode to trace builds; upcoming new tools to build FLOSS code indexes and matching efficiently against indexed code; and another emerging tool to reliably map known security vulnerabilities to software packages.

I contribute to several other projects including most recently and proudly to the Linux kernel SPDX-ification; a bit to strace, SPDX, many Python-based tools, formerly to JBoss, Eclipse and Mozilla. I have been a long time GSoC mentor and org admin.

Work-wise, I am the CTO of nexB. We help software teams track what's in their code with DejaCode, a compliance dashboard with curated data, policies, workflows and automation for compliance and governance; and with professional services (with expertise in complex devices and binary analysis).



Title Day Room Track Start End
The package bazaars and the cathedrals
Compare and contrast distro and app package and dependency management practices and tools
Saturday K.3.201 Package Management 11:30 12:00
Debug your build by tracing and reversing
stracing your build from sources to binaries
Saturday AW1.121 Debugging tools 13:05 13:45
Meet purl: a "mostly" universal software package URL that purrs.
Or how to indentify & locate software packages reliably across tools, DBs, APIs and languages with an expressive and simple package URL.
Saturday K.3.201 Package Management 16:00 16:30
Package Management Panel Discussion
Future of Package Management
Saturday K.3.201 Package Management 17:00 18:00