toggle quoted messageShow quoted text
Thanks for responding, Oliver.
I've copied Steve here, as his message got caught up in the
mailing list filter, as it looks likes he's not a member of the
SPDX general mailing list. (Steve - you can join here: https://spdx.org/participate
It occurred to me that perhaps a session on sw360 (and how it
works with SPDX) might be a good topic for an upcoming general
call? Phil - what do you think?
On 5/20/19 2:46 AM, Oliver Fendt wrote:
sw360 is an open source project under the
umbrella of the Eclipse foundation. Its is a software
component and product management system, which is on the one
hand a system where you can manage the software components
you are using no matter whether they are OSS, commercial or
internal components or other artifacts on the other hand it
is a system to manage your products (aka projects) in order
to keep track of the bill of “materials”, to generate the
OSS declaration document and source code bundles in scope of
For the integration in the CI/CD workflow it
provides a REST API
You can find the source code here:
Some documentation is available here:
If you like we can arrange a web meeting since
we are using sw360 in our daily work.
I first heard about
SW360 during the presentations at the Linux Open Source
Summit in Edinburgh. Searching around, though, I see very
little mention of it, to the point where it's difficult to
see whether this is a project just finding its feet, or
something that has already been abandoned. I'd be interested
in hearing from anyone who is actually using it in anger,
who is willing to share their experiences.
Thanks for any info,