BoF: Supply Chain Security, SBOMs and Package Managers
10-27, 12:15–12:55 (Europe/Berlin), BoF Space 1 (meet under the @ sign in Cafeteria)

BoFs are sessions presented by community members as an opportunity to gather and discuss special topics of interest. BoFs can be anything from agenda-driven to an open-ended discussion.


Discuss what can be done from a package manager perspective to produce high-quality SBOMs and help secure the software supply chain. We will discuss challenges, solutions and potential points of collaboration. We will also reference the OpenSSF work in related areas, especially the supply chain integrity working group and the SBOMs everywhere working group.

Maximilian Huber is an open source compliance nerd and principal consultant at TNG Technology Consulting, where he specializes in building and integrating Open Source compliance solutions from Open Source.

He is a committer and maintainer in several Open Source projects like FOSSology, SW360, LDBcollector, yacp and the license-compliance-toolbox. His activity can be found on https://github.com/maxhbr.

Maximilian's other most prominent interests are functional programming languages like Haskell and functional package management with NixOS.
