|
OpenChain Specification Work Team - Fourth Monday Call - Mon, 2020-09-28 5:00pm-6:00pm
#cal-reminder
main@lists.openchainproject.org Calendar <main@...>
Reminder: OpenChain Specification Work Team - Fourth Monday Call When: Monday, 28 September 2020, 5:00pm to 6:00pm, (GMT-07:00) America/Los Angeles Where:Zoom - https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09 Organizer: Shane Coughlan scoughlan@... Description: Join Zoom Meeting ( https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09 ) Meeting ID: 999 012 0120 Password: 123456
|
|
|
|
Software-defined vertical industries: transformation through open source
Fantastic read. Well worth a look:
https://www.linuxfoundation.org/blog/2020/09/software-defined-vertical-industries-transformation-through-open-source/
|
|
|
|
Re: Helping to improve our web-app (translations)
Haksung
Hi Shane!
I sent a PR for Korean translation of the preamble : https://github.com/OpenChain-Project/Online-Self-Certification-Web-App/pull/181 Best Regards, Haksung
On Sep 23, 2020 2:45 PM +0900, Shane Coughlan <scoughlan@...>, wrote:
Translation time for our web app!
|
|
|
|
Antwort: [germany-wg] Helping to improve our web-app (translations)
Stefan Thanheiser
Hi all, Translation time for our web app! Hey everyone! We have added a new preamble to make it easier to understand the beginning of the online self-certification questionnaire. Can you help translate it into Korean, Chinese (both types), Japanese and German? https://github.com/OpenChain-Project/Online-Self-Certification-Web-App/pull/180 You do not need to go onto GitHub if you are not used to it. I just need a translation for: "We recommend having a look at the OpenChain Reference Training Slides and the OpenChain Reference Policy Template before undergoing Self-Certification. It will help frame the questions that follow." Shane
|
|
|
|
Helping to improve our web-app (translations)
Translation time for our web app!
Hey everyone! We have added a new preamble to make it easier to understand the beginning of the online self-certification questionnaire. Can you help translate it into Korean, Chinese (both types), Japanese and German? https://github.com/OpenChain-Project/Online-Self-Certification-Web-App/pull/180 You do not need to go onto GitHub if you are not used to it. I just need a translation for: "We recommend having a look at the OpenChain Reference Training Slides and the OpenChain Reference Policy Template before undergoing Self-Certification. It will help frame the questions that follow." Shane
|
|
|
|
Re: OpenChain Korea Meeting #7 - 22nd of September from 2pm local time
A reminder: we go live in 20 minutes!
On Sep 4, 2020, at 16:01, Shane Coughlan <scoughlan@...> wrote:
|
|
|
|
OpenChain Bi-Weekly Webinar - Mon, 2020-09-21
#cal-notice
main@lists.openchainproject.org Calendar <noreply@...>
OpenChain Bi-Weekly Webinar When: Where: Organizer: Description: Join Our Zoom Meeting
One Tap Telephone (no screensharing)
Find your local number: https://zoom.us/u/abeUqy3kYQ After dialing the local number enter 9990120120#
|
|
|
|
OpenChain Bi-Weekly Webinar - Mon, 2020-09-21 5:00pm-6:00pm
#cal-reminder
main@lists.openchainproject.org Calendar <main@...>
Reminder: OpenChain Bi-Weekly Webinar When: Monday, 21 September 2020, 5:00pm to 6:00pm, (GMT-07:00) America/Los Angeles Where:https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09 Organizer: Shane Coughlan scoughlan@... 00818040358083 Description: This is part of the bi-weekly OpenChain Webinar series. Every two weeks we have international speakers covering a wide range of topics related to practical open source compliance challenges, solutions and considerations. You can learn more about this series here: https://www.openchainproject.org/webinars-interviews Join Our Zoom Meeting
One Tap Telephone (no screensharing)
Find your local number: https://zoom.us/u/abeUqy3kYQ After dialing the local number enter 9990120120#
|
|
|
|
OpenChain Bi-Weekly Webinar - Mon, 2020-09-21 5:00pm-6:00pm
#cal-reminder
main@lists.openchainproject.org Calendar <main@...>
Reminder: OpenChain Bi-Weekly Webinar When: Monday, 21 September 2020, 5:00pm to 6:00pm, (GMT-07:00) America/Los Angeles Where:https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09 Organizer: Shane Coughlan scoughlan@... 00818040358083 Description: This is part of the bi-weekly OpenChain Webinar series. Every two weeks we have international speakers covering a wide range of topics related to practical open source compliance challenges, solutions and considerations. You can learn more about this series here: https://www.openchainproject.org/webinars-interviews Join Our Zoom Meeting
One Tap Telephone (no screensharing)
Find your local number: https://zoom.us/u/abeUqy3kYQ After dialing the local number enter 9990120120#
|
|
|
|
Re: License issue on linuximq
G, Rahul Mohan
Hi Joel,
Yes, that is what I inferred.
Regards, Rahul
From: main@... <main@...>
On Behalf Of ???(Joel)
Sent: Saturday, September 19, 2020 12:20 PM To: main@... Subject: Re: [openchain] License issue on linuximq
Hi Rahul. Thanks for the clue. A member of our team also noticed this commit. So just I assume your opinion is that it should be GPLv2+ since they intentionally changed the text, right?
|
|
|
|
Re: License issue on linuximq
曹知渊(Joel)
Hi Rahul. Thanks for the clue. A member of our team also noticed this commit. So just I assume your opinion is that it should be GPLv2+ since they intentionally changed the text, right?
toggle quoted messageShow quoted text
|
|
|
|
Re: License issue on linuximq
G, Rahul Mohan
Dear Joel and Carlo,
They have changed the license.
Regards, Rahul
From: main@... <main@...>
On Behalf Of Carlo Piana
Sent: Friday, September 18, 2020 4:26 PM To: main@... Subject: Re: [openchain] License issue on linuximq
Dear Joel,
My take in this case is that the specific licensing in the file trumps the overarching license for the project. I wonder if there is any contrarian views. Certainly they should have explained better what their intention was.
Actually I see they use GPL 2+, which is incidentally somewhat aligned, meaning that you can treat the software equally as 2+ or 3+. So perhaps the intention is to prefer the latter, but allow for the earlier version.
Cheers
Carlo
|
|
|
|
Re: License issue on linuximq
曹知渊(Joel)
Filed an issue several days ago but still waiting for reply. T_T
toggle quoted messageShow quoted text
|
|
|
|
Re: License issue on linuximq
Manbeck, Jack
I would contact the repo owner for clarification. In situations like this, that is what we normally do.
Best Regards,
Jack Manbeck Texas Instruments
From: main@... [mailto:main@...]
On Behalf Of Carlo Piana
Sent: Friday, September 18, 2020 6:56 AM To: main@... Subject: [EXTERNAL] Re: [openchain] License issue on linuximq
Dear Joel,
My take in this case is that the specific licensing in the file trumps the overarching license for the project. I wonder if there is any contrarian views. Certainly they should have explained better what their intention was.
Actually I see they use GPL 2+, which is incidentally somewhat aligned, meaning that you can treat the software equally as 2+ or 3+. So perhaps the intention is to prefer the latter, but allow for the earlier version.
Cheers
Carlo
|
|
|
|
Re: License issue on linuximq
Carlo Piana
Dear Joel, My take in this case is that the specific licensing in the file trumps the overarching license for the project. I wonder if there is any contrarian views. Certainly they should have explained better what their intention was. Actually I see they use GPL 2+, which is incidentally somewhat aligned, meaning that you can treat the software equally as 2+ or 3+. So perhaps the intention is to prefer the latter, but allow for the earlier version. Cheers Carlo
Da: "曹知渊(Joel)" <joel.cao@...>
|
|
|
|
License issue on linuximq
曹知渊(Joel)
Hello everyone.
We are considering using https://github.com/imq/linuximq in some product. The files are patches for Linux Kernel. But the license of this project seems a bit confusing. As stated in the README,
the license is GPLv3+. GPLv3+ is not compatible with GPLv2 which means these patches should not be applied to Linux Kernel. But if you open the patches, you will find GPLv2 notice in there instead of GPLv3+. So can we just simply treat this project as a GPLv2’ed
one? Thanks.
OPPO
本电子邮件及其附件含有OPPO公司的保密信息,仅限于邮件指明的收件人使用(包含个人及群组)。禁止任何人在未经授权的情况下以任何形式使用。如果您错收了本邮件,请立即以电子邮件通知发件人并删除本邮件及其附件。
This e-mail and its attachments contain confidential information from OPPO, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it!
|
|
|
|
OpenChain Specification Second Monday Call September 2020 - Full Recording
The full recording of the OpenChain Specification Second Monday September 2020 is now available. This is a great way to connect with discussions about potential new reference material, clarifications and explorations of future evolution of the standard for open source compliance in the supply chain.
https://youtu.be/8FODiNmikjk
|
|
|
|
OpenChain Specification Work Team - Second Monday Meeting - Mon, 2020-09-14
#cal-notice
main@lists.openchainproject.org Calendar <noreply@...>
OpenChain Specification Work Team - Second Monday Meeting When: Where: Organizer: Description: Join Zoom Meeting ( https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09 )
Meeting ID: 999 012 0120
Password: 123456
|
|
|
|
OpenChain Specification Work Team - Second Monday Meeting - Mon, 2020-09-14 9:00am-10:00am
#cal-reminder
main@lists.openchainproject.org Calendar <main@...>
Reminder: OpenChain Specification Work Team - Second Monday Meeting When: Monday, 14 September 2020, 9:00am to 10:00am, (GMT-07:00) America/Los Angeles Where:Zoom Organizer: Shane Coughlan scoughlan@... Description: Join Zoom Meeting ( https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09 )
Meeting ID: 999 012 0120
Password: 123456
|
|
|
|
Re: OpenChain Webinar #11 - Open Source Issues Remediation + Community Bridge and SPDX Online Tools + CII Best Practices - Full Recording
Thanks McCoy.
I suppose I oughtn't have said "there's no real notion of "premises" in the GPL", perhaps that was too broad a statement. I still think it is largely true
as the example you've included seems to be referring to attributes that indicate a "consumer product" even if it has commercial uses or is installed via a licensed professional. It's my assumption that this type of attribute is meant to demonstrate that a
smart thermostat running GNU/Linux (for example) still has to comply with the GPL even if it is installed in an office by an electrician. From GPLv3; "A product is a consumer product regardless of whether the product has substantial commercial, industrial
or non-consumer uses, unless such uses represent the only significant mode of use of the product."
At the risk of beating a dead horse I think that "premises" is alluding to the bit of popular jargon "on-prem" which I take to mean an on premises installation of a server or a SaaS product. If that's the case it can potentially be confusing for those who
don't have a clear picture of the GPL's notion of "distribution". If you're created a "derived work" with the GPL it doesn't matter which premises it runs at, rather it matters how you've distributed it. It's a rather small point but it is mine and a I made
it. 😊
Regards,
Jeremiah
From: main@... <main@...> on behalf of McCoy Smith <mccoy@...>
Sent: Friday, September 11, 2020 1:37:52 PM To: main@... Subject: Re: [openchain] OpenChain Webinar #11 - Open Source Issues Remediation + Community Bridge and SPDX Online Tools + CII Best Practices - Full Recording
*** THIS IS AN EXTERNAL EMAIL: Please do not reply, click on any links, or open any attachments unless you trust the sender and know that the content is safe. ***
Well, there is this: “A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) *anything designed or sold for incorporation into a dwelling.*” I don’t think that’s what the author meant by the language you quote below about “consumer premises.” [I haven’t looked at the slides]
FWIW, the language above was adapted from the Magnuson-Moss warranty act from the USA: https://www.law.cornell.edu/uscode/text/15/2301
Andy Wilson and I did a preso, quite some time ago, about the Installation Information requirement and how one should think about compliance with it, which I have posted to my website for those who really want to delve into this little-remarked upon provision. Bradley Kuhn also did a preso about it for the Linux Foundation more recently: https://events19.linuxfoundation.org/wp-content/uploads/2017/11/Safely-Copylefted-Cars-Reexamining-GPLv3-Installation-Information-Requirements-ALS-Bradley-Kuhn-Behan-Webster-1.pdf directed to the automotive industry
https://www.lexpan.law/post/gplv3-s-installation-information-requirement
From: main@... <main@...>
On Behalf Of Jeremiah C. Foster
Hi OpenChainers!
Thanks Shane and everyone for the webinar. After reading the slides from the "Open Source Issues Remediation" I have a small nit to pick.
On slide 10 the author writes "the goal of the [GPL] v3 license is to prevent Tivoization". While that is clearly the goal of Section 6 of the GPL v3, that is not the goal of the entire license. The goal of the license, at least from what I understand from those who were involved in its creation, was to be more GPL-like. That means it is meant to be modified by the copyright holder just as source code licensed under the GPL v2 is meant to modified. This can create an extremely flexible license should the copyright holder need that. The GPLv3 also makes explicit some implicit elements of the previous versions of the GPL, like how to cure violations effectively and how software patents are treated. The overall goal was to make a better GPL license.
The author also writes "this [the GPLv3 anti-tivoization clause] is a problem, especially if the product is a consumer premises product." I would disagree with the idea that this is a "problem", the anti-tivoization clause actually is a solution to a host of problems where companies comply with the letter of the GPLv2 but prevent modification of a user's device through deliberate use of encryption or obfuscation. I don't think this comports with the spirit of the GPL family of licenses which is designed to give users control over the Free Software on their devices.
Lastly, there's no real notion of "premises" in the GPL though there certainly is a notion of a consumer product. A car might be an example of a consumer product that may contain GPLv3 source code but is not limited to "premises", thus the wording of the problem statement is somewhat misleading.
Regards,
From:
main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
*** THIS IS AN EXTERNAL EMAIL: Please do not reply, click on any links, or open any attachments unless you trust the sender and know that the content is safe. ***
This e-mail and any attachment(s) are intended only for the recipient(s) named above and others who have been specifically authorized to receive them. They may contain confidential information. If you are not the intended recipient, please do not read this email or its attachment(s). Furthermore, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by replying to this e-mail and then delete this e-mail and any attachment(s) or copies thereof from your system. Thank you.
|
|
|
