FOSDEM Call For Participation: Dependency Management Devroom

Introduction to the Call for Participation

A popular form of software reuse involves linking open source software (OSS) libraries hosted on centralized code repositories, such as Maven, PyPI or NPM. Developers only need to declare dependencies to external libraries, and automated tools make them available to the workspace of the project. As recent events such as the LeftPad incident, which led to hundreds of thousands of websites to stop working, and the Equifax data breach, which led to a leak of hundreds of thousands of credit card numbers, have demonstrated, dependencies on networks of external libraries can introduce significant operational and compliance risks as well as difficulties to assess security implications.

What to do about that? What are the existing solutions and their limits? What future improvements can we expect from industry or from research? This Devroom is dedicated to discussing software dependencies and package dependency networks: issues, solutions and best practices. 

We are seeking speakers addressing the following topics, plus any related topics you think might fit into the room:

• tools that help solve the dependencies issues,
• use cases and examples of troubles encountered and impact of dependencies issues.

Please keep in mind that product pitches are not allowed at FOSDEM.

We hope to provide an opportunity for everyone to meet and exchange about dependency management issues, challenges and solutions. 

How to submit

Please submit your proposals at https://penta.fosdem.org/submission/FOSDEM20 before December 4th 2019.

If you already have a Pentabarf account (for example as a result of having submitted a proposal in the past), make sure you use it to log in and submit your proposal. Do not create a new account if you already have one. Please provide a bit of information about yourself under Person -> Description -> Abstract. When you submit your proposal (creating an "Event" in Pentabarf), make sure you choose "Dependency Management" in the track drop-down menu. Otherwise your proposal might go unnoticed. Fill in at least a title and abstract for the proposed talk and a suggested duration. Bear in mind that a lot of the value in these meetings comes from the discussions, so please be reasonable regarding the duration of the talk.

What information are required: 

• General:
  • First and last name
  • Nickname
  • Image
• Contact:
  • email address
  • mobile number (this is a very hard requirement as there will be no other reliable form of emergency communication on the day)

Create an event:

• On the General page:
  • Event title
  • Event subtitle.
• Track: Dependency Management Devroom
• Event type: Lecture (talk) or Meeting (BoF)
• Persons:
  • Add yourself as speaker.
• Description:
• Abstract:
  • Full Description
• Links:
  • Add relevant links.

If you have any issue with Pentabarf, please contact dependency-devroom-manager at fosdem.org. You can also send a notification of your submission there.

Important dates

• December 4th 2019: Deadline for submission of proposals
• December 9th 2019: Final notification to authors
• December 15th 2019: Developer rooms publish complete schedules

Recordings

The FOSDEM organizers hope to be able to live-stream and record all the talks. The recordings will be published under the same license as all FOSDEM content (CC-BY). Only presentations will be recorded, not informal discussions and whatever happens during breaks between presentations. By agreeing to present at FOSDEM, you automatically give permission to be recorded. The organizers will agree to make exceptions but only for exceptional and well-reasoned cases.