Using Hermine

Hermine is an Open Source tool meant to complement existing ones in the field of Open Source legal compliance. It serves two main purposes: managing your SBOMs (Software Bill of Materials) and helping you to analyze Open Source licenses in order to automatically apply these to your SBOMs.

Contents

• Installing Hermine for production
  • Getting the code
  • Docker Compose
  • Hermine Docker image
  • Manual install
  • OAuth
  • Health check
• Getting started
  • Main concepts used
  • Main questions Hermine helps you answer
  • Manual workflow
• Defining a FOSS policy
  • Global characteristics of licenses
  • Authorized contexts and specific derogations
  • Obligations and compliance actions
• Reference data
  • Generic principles
  • Importing Community Data into your Hermine Server
  • Interacting with reference data in your Hermine instance
• REST API
  • Authentication via Token
  • Uploading a BOM file
  • Checking the validation steps
  • JUnit
  • Endpoints for compliance actions
  • Generic API endpoints for Models