
EPISODE · May 21, 2021 · 39 MIN

Episode 35: Metrics for Downstream Users of Open Source with Justin Rackliffe

from CHAOSScast · host CHAOSS Project

Panelists
Georg Link | Kate Stewart

Guest
Justin Rackliffe

Sponsor
SustainOSS

Show Notes
[00:02:17] Justin tells us what he does, his background, and his journey to where he is today.
[00:04:47] Georg wonders if Justin is the only one helping with all the different concerns around open source, and Justin tells us what the structure he works within is like.
[00:07:17] Kate wonders whether, with the amount of automation happening behind the scenes to effectively make policy decisions, it is all still funneling more manually than Justin would like. Justin also explains how they want to leverage other people’s work and contribute back when they can.
[00:09:58] Justin talks about SBOMs being a challenge in the industry.
[00:10:56] Kate explains what Software Bill of Materials (SBOM) and Software Package Data Exchange (SPDX) are.
[00:15:18] Justin tells us about other data points and metrics he employs besides SBOM.
[00:19:08] Kate mentions that one of the challenges in the industry is identity for software and matching it up to other sources of information and metrics. She wonders whether Justin finds that type of matching easy or hard, and whether, when he looks at the National Vulnerability Database (NVD) as a set of risk metrics associated with a project, its being up to date is part of his signals.
[00:22:31] Justin explains the difference in viewpoints between CHAOSS metrics and Downstream metrics.
[00:25:14] Kate wonders about the signals a project sends about new releases and implicit end of life when a new release is coming out, and how much people park on one release and do not move it forward.
[00:27:37] Justin talks about how tooling needs to be visible, and we learn what kind of signals are useful to him.
[00:31:17] We learn from Justin what he would like to see if Georg gave him a magic wand and he could wish for anything from the CHAOSS Project to support him.
[00:34:41] Find out where you can follow Justin online.

Value Adds (Picks) of the week
[00:35:59] Georg’s pick is the Apple Watch.
[00:37:03] Kate’s pick is having a quarterly meeting with the NTIA SBOM working group.
[00:37:53] Justin’s pick is his bike and getting out on the greenways.

Links
CHAOSS
CHAOSS Project Twitter
CHAOSScast Podcast
Justin Rackliffe LinkedIn
Justin Rackliffe Twitter
Fidelity Investments-GitHub
SPDX-GitHub
Apple Watch
National Telecommunications and Information Administration SBOM

Special Guest: Justin Rackliffe.

