Philippe Ombredanne
Philippe Ombredanne is a FOSS hacker passionate about enabling easier and safer reuse of open source code. He is the lead maintainer of the AboutCode stack of open source tools for Software Composition Analysis and license and security compliance, including the industry-leading ScanCode, DejaCode, PurlDB, Package-URL, and VulnerableCode. Philippe contributes to other open source projects, including the Linux kernel SPDX-ification, SPDX, ClearlyDefined, strace, ORT, and several Python tools.
Sessions
The rapid adoption of AI-assisted coding tools like GitHub Copilot and ChatGPT has accelerated software development processes, but it has also introduced significant risks. Developers may unknowingly use AI-generated code that violates licensing restrictions or includes vulnerable third-party dependencies.
AI-generated code identification is essential to ensure responsible use of that code while enjoying the productivity gains.
In this talk, Philippe will share a new approach, using open source tools and open data, to identify and locate AI-generated code in software projects and products for safer, more efficient, and more responsible and ethical use of AI-generated code.
The CRA is already here, and will impact software development worldwide. Organizations need efficient compliance processes, supported by excellent free and open source tools to correctly identify and manage software components and secure software supply chains.
Join us for the latest updates on how to use free and open source tools, data, and standards for better, faster, more efficient, and automated software supply chain management, for public and private organizations of all sizes.