Navigating the wild seas of open source license compliance

Описание: These days, every codebase relies on open source software (OSS). From testing tools to utility libraries and whole frameworks, using OSS accelerates development velocity and lets you focus on the parts of your app that really matter. But every package you use comes with its own license, and some licenses can introduce compliance or legal risk in unexpected ways.

What are licenses, how do they work, and how can you navigate the wild seas of OSS licensing to make the best use of open source, while still keeping your project compliant and secure? In this session, we'll talk through all of this and more.

📌 This session is a part of a series, learn more here - https://aka.ms/ReactorS-1311

Chapters
00:07 – Welcome & Housekeeping (Anna)
01:04 – Speaker Introduction: Eric Sorenson
02:16 – Why License Compliance Matters
03:30 – The Complexity of Open Source Licensing
04:47 – Maintainers, Users & Organizations: Different Needs
06:15 – Real‑World Consequences of Non‑Compliance
08:03 – What Is a License? BSD Example
10:22 – The GNU GPL & Copyleft Explained
12:30 – The Explosion of Licenses (SPDX, ScanCode)
14:36 – Recent Trends: AGPL, Relicensing, Open Core
16:32 – Dos & Don'ts for End Users & Contributors
17:54 – Dos & Don'ts for Maintainers
18:51 – How Enterprises Should Approach Licensing
21:29 – Implementing Compliance Programs (ISO 5230)
22:04 – Tools to Help: Reuse, SALSA, SBOMs
24:03 – GitHub Features for License Compliance
26:26 – GitHub Advanced Security: New License Compliance Preview
28:02 – Final Takeaways
29:18 – Closing Remarks & Upcoming Sessions

#MicrosoftReactor #learnconnectbuild

[eventID:26681]