I'm Rose and I'm a Senior Open Source/Tooling Engineer currently looking for a new role. My previous role at Broadcom involved building proprietary automation that scanned binary artifacts for open source security and license compliance. Prior to that, I worked at VMware where I maintained Tern, a container inspection tool that helps users better understand their container supply chain. I still focus a great deal on open source tooling for Software Bill of Materials (SBOMs) and how, as an ecosystem, we can generate and exchange SBOMs more efficiently. Prior to VMware and Broadcom, I worked on embedded Linux distributions at IBM.
Open Source
Most of my work revolves around open source. I'm a contributor to the SPDX Tech and Security specification and lead the SPDX Steering Committee. I've spoken at Open Source conferences around the world and been on the program committees for those conferences. I used to write blogs for VMware about a variety of Open Source topics, too (Reproducible builds, anyone?). I was even lucky enough to have my open source journey profiled for the GitHub ReadME project.
Nonscholastic
When I'm not working from home you'll find me cooking, skiing ⛷️, golfing 🏌🏻, or riding my bike 🚴 with my family.
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-…