Note: lists.openchainproject.org will be down for maintenance on Monday, September 26th, starting at 9AM Pacific Time (4PM Monday September 26, 2022 UTC), for approximately one hour.
Announce: OpenChain meeting at Supply Chain mini-summit on Oct 8
For those interested in improving the automated tracking of copyright, licensing and security information in the supply chain, we've managed to get a Supply Chain mini-summit added on after LinuxCon on October 8th.
As part of this, we'll be holding an OpenChain face to face working session, similar to our recent meeting at LinuxCon Seattle. For those able to be there in person,
please RSVP (see link below).
If there is sufficient interest, we'll set up a conference call for the OpenChain part of the agenda for those who are not able to attend in person, but are interested in following the discussion. Please let Kelly and Kate know if you're interested in this option.
9:00 - Intro to Supply Chain mini-summit (Kate Stewart)
9:05 - Overview of OpenChain, goals and status. (Dave Marr)
9:20 - Overview of SPDX project, review of 2.0 and plans for 2.1 (Phil Odence)
9:35 - Debsources as a community curated DB of copyright and license information (Stephano Zaccharoli)
10:20 - break
10:30 - DoSOCS - integrating security with license compliance (Sai Uday Shankar Korlimarla)
11:15 - OpenChain working session on the checklist (Dave Marr)
13:15 - lunch break
14:30 - Group brainstorming session on ways to improve automation around open source license compliance and tracking of relevant security information. (Kate to facilitate)
17:00 - wrap up and next steps
Please let me know if you have any questions.
Hope you see there,