Connecting the Dots: A Dive Through the Layers of Your Open-Source Supply Chain
Like modern manufacturing, modern open-source software development relies on a supply of components that depend on one another in order to function as designed. Peeling back the onion of what software components rely on underneath the surface can be difficult and confusing, yet it is necessary to truly understand what open-source policy you need to implement in order to avoid unintended surprises, both legally and from a security perspective. In this session, we’ll explore the relationship between open-source libraries commonly used together in modern open-source applications and what you need to make sure you’re aware of before you deploy your next build.
Larry Copeland
Larry Copeland is a Solutions Architecture Lead at Tidelift, Inc. He helps companies implement Tidelift’s open-source solutions to better understand the open source they are currently using and how they can shore up their open-source supply chain to increase developer velocity as well as improve open-source compliance.