sneSCM

Scandinavian Network of Excellence
in
Software Configuration Management

Session abstracts:

Containers as your SBoM (Sofus Albertsen):
A “software bill of materials” (SBOM) is a key building block in software security and software supply chain risk management. With the introduction of containers you have your runtime, OS, and dependencies all in one package, making it easier than ever to generate a supporting bill of materials for your delivery pipeline.

I will introduce a couple of ways and tools you can utilize in making your SBOM with containers.

Version control tools for better design collaboration (Robin Lundin):
Design is getting more and more recognition within the IT product development sphere, and companies are searching for and hiring more UX, UI, Interaction, and Product Designers. This is positive and results in more usable products being delivered. But it also introduces new challenges within the product development process. As developers, we need to learn early on about how important structure and version control for the code is to be able to cope over time. Unfortunately, this is not the case for designers. Yes, designers most often do not write any code, but they still need to handle resources like sketches, prototypes, requirements, and user insights, which all like the code can change over time. These resources often act as the foundation for what the developers realize in their code. When these lack structure, version handling, etc. it can get very messy for all involved. In this session I will talk about digital design in general, the challenges above as well as solutions going forward.

Transformation upside down (Christian Pendleton):
Since the start of my career, I have been convinced that transformations of processes, procedures and toolchains should start from how we want to work and THEN choose what tools to use. I will share a story about when we were more or less forced to start with choosing new tools and after that discuss how to work and the how result really surprised us.

A Unified View of Continuous Integration, Continuous Delivery and Continuous Deployment (Lars Bendix):
The practices of Continuous Integration, Continuous Delivery and Continuous Deployment have many things in common. For one that they are supposed to be "continuous" - and also that "something" is moved from one place to another. For other things they differ - like the implementation details and the places that are in play.

In this micro-tutorial, I will try to see if we can find an abstraction level at which the three practices can be thought of as conceptually the same thing. I will also try to highlight the places where when you go into more detail the practices will begin to differ.

When you talk to other people (developers, managers) about the concepts maybe it would be best to stay at the abstract level and not confuse them with - for them - insignificant details and differences. When you have to implement the practices maybe you should pay attention also to the details where they differ - even if there can be a significant amount of "conceptual reuse".