AboutCode tools serve a diverse group of users with varying needs, technical backgrounds, and objectives. This document identifies the primary user roles to help tailor documentation and features more effectively.
Attributes:

* Technical Level: High. Comfortable with command-line interfaces, APIs, and building from source.
* Job Title: Software Engineer, Open Source Maintainer, DevOps Engineer.
* Objectives:
  - Integrate ScanCode or other tools into CI/CD pipelines.
  - Contribute code fixes or new features to AboutCode projects.
  - Automate software composition analysis.
Attributes:

* Technical Level: Low to Moderate. Focuses on policy, legal obligations, and risk management.
* Job Title: Open Source Program Office (OSPO) Manager, Legal Counsel, Compliance Manager.
* Objectives:
  - Ensure all software components have compatible licenses.
  - Generate compliance artifacts (Attributions, BOMs).
  - Understand license obligations and risks.
Attributes:

* Technical Level: Moderate to High. Focuses on vulnerabilities and software supply chain security.
* Job Title: Security Researcher, Application Security Engineer.
* Objectives:
  - Identify known vulnerabilities (CVEs) in software dependencies.
  - Track the origin and provenance of code components.
  - Respond to security advisories and patch requests.
Attributes:

* Technical Level: Moderate. Focuses on product roadmap and external dependencies.
* Job Title: Product Manager, Technical Lead.
* Objectives:
  - Understand the software bill of materials (SBOM) for their product.
  - Evaluate the health and maintenance status of open source dependencies.
  - Make decisions about which components to include in the product.
Attributes:

* Technical Level: Varying (Novice to Expert). Learning about SCA and software licensing.
* Job Title: Student, Academic Researcher.
* Objectives:
  - Learn how Software Composition Analysis works.
  - Analyze datasets of open source packages for research.
  - Understand the landscape of open source licensing.