Re: Proposal - OpenChain Quality of Conformance Assessment Levels (including a sub-proposal for tooling quality assessment levels)
It does appear this mental model can provide an avenue forward.
toggle quoted messageShow quoted text
Speculation: if the market(s) dictate various concepts of evolution, we will probably see differentiation by sector regarding preferred evolution paths. For example, what aerospace and defense sees as natural may be alien to automotive, despite neither sector being better or worse in where they land. This applies with perhaps greater contrast when we consider sectors like consumer electronics or consumables. When a cigarette company (for example) thinks about continual evolution of their compliance program, where they land will probably be significantly different to where a global phone-maker lands. This is no bad thing. It provides plenty space for user-company groupings or third-party certifiers to model grading for open source license compliance programs. And it does not undermine the fact that OpenChain ISO 5230 defines the key requirements of a quality open source compliance program.
On Aug 26, 2021, at 6:22, Christopher Wood <cvw01@...> wrote:
|
|