Philippe Ombredanne is a FOSS hacker on a mission to make it easier and safer to reuse FOSS code. He is the maintainer of ScanCode, the industry standard licence detection tool, and other open-source tools for software composition analysis and licence & security compliance at AboutCode.org.
Philippe is the project lead of two supply chain projects funded by NGI0. FOSS Code Supply Chain Assurance is building a new system to help verify the integrity of deployed code packages and validate their origin with external data sources, with the potential to mitigate attacks on open-source package supply chains, such as by detecting whether a package in use matches verified code through exact and approximate matching of source and binaries. Free Software Vulnerability Database is a resource set up to aggregate software updates.
We are on a mission to make it easier to reuse free and open source software to build better apps and systems, faster and more efficiently. For this, we are creating best-in-class open source tools and open data for software origin, license and security determination to help secure your software supply chain.