main@lists.openchainproject.org

Re: OpenChain Automation Case Study launches September 22nd at 06:00 UTC (8am Berlin / 3pm Tokyo)

Maximilian Huber

#4198

Hey all

Here is the link to the repository of the presented tool:
https://github.com/opossum-tool/OpossumUI/


Best
Maximilian

Am Montag, dem 13.09.2021 um 21:44 +0900 schrieb Shane Coughlan:

Show quoted text

Dear all

As previously discussed, we will be launching a rolling case study
between September and December 2021. This case study will be anchored
by webinars in and around a new GUI tool from Facebook + TNG.

We initially planned to begin on September 15th. However, Michael (FB)
and Max (TNG) are holding a launch event in Germany on the 22nd, so we
will align the global launch with that date. 

You will find the event details in the OpenChain global calendar. You
can join this event via our normal Zoom room. No registration is
necessary.
https://zoom.us/j/4377592799

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

-- 
Maximilian Huber * maximilian.huber@tngtech.com * +49-174-3410223
TNG Technology Consulting GmbH, Beta-Str. 13a, 85774 Unterföhring
Geschäftsführer: Henrik Klagges, Dr. Robert Dahlke, Thomas Endres
Sitz: Unterföhring * Amtsgericht München * HRB 135082

OpenChain Automation Case Study Part #1

Shane Coughlan

#4197

We had a very big audience today. Thank you all for your attention and contributions.

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.

Please find the video covering all the key material here:
https://www.openchainproject.org/featured/2021/09/22/automation-case-study

The Q&A section was recorded and will be released shortly.

REMINDER: OpenChain automation case study at 12:00 UTC on Wednesday (today) - 13:00 UK - 14:00 CEST - 20:00 CST - 21:00 KST + JST

Shane Coughlan

#4196

We launch *the* OpenChain automation case study… 🤦‍♂️

This is a must-see for those working in open source compliance. 
12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST. 
https://zoom.us/j/4377592799

No registration. 

Regards

Shane

Show quoted text

On Sep 22, 2021, at 19:08, Shane Coughlan via groups.io <scoughlan=linuxfoundation.org@groups.io> wrote:

We launch of the OpenChain automation case study about using open source tools for open source compliance at 12:00 UTC on Wednesday (today). This is a rolling case-study between September and December 2021. It will be the largest case study ever undertaken in this space. All welcome. No registration.
https://zoom.us/j/4377592799

September 22nd (today):
We explore a new graphical tool from Facebook/TNG to make open source tooling easier to use. 
 * Our real-world demo will show ORT calling ScanCode in a clean, simple way.
 * We will have an interview about how the graphical interface was designed.
	• September 29th, we will have an interview about how the tool internals was designed.
	• October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
	• October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
	• November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
	• November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
	• December 8th, Facebook Usage Case Study.
	• December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.
Need help with your timezone?
12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST. 

REMINDER: OpenChain automation case study at 12:00 UTC on Wednesday (today) - 13:00 UK - 14:00 CEST - 20:00 CST - 21:00 KST + JST

Shane Coughlan

#4195

We launch of the OpenChain automation case study about using open source tools for open source compliance at 12:00 UTC on Wednesday (today). This is a rolling case-study between September and December 2021. It will be the largest case study ever undertaken in this space. All welcome. No registration.

https://zoom.us/j/4377592799

September 22nd (today):
We explore a new graphical tool from Facebook/TNG to make open source tooling easier to use.

* Our real-world demo will show ORT calling ScanCode in a clean, simple way.

* We will have an interview about how the graphical interface was designed.

September 29th, we will have an interview about how the tool internals was designed.
October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Need help with your timezone?

12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST.

OpenChain webinar - deferred to Wednesday 12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST

Shane Coughlan

#4194

Dear all

Our regular bi-weekly webinar is being deferred from Monday to Wednesday at 12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST. This is to keep the focus this week on the launch of our automation case study that day. The case study will be launched with our virtual event and with a physical event in Germany at roughly the same time. We are laying the foundation for an exploration that will take us all the way to a simulated supply chain in November.

You will find all the details in our global calendar as usual. Dial in link:

https://zoom.us/j/4377592799

Regards

Shane

Shane Coughlan

OpenChain General Manager

+818040358083

Book a meeting:

https://meetings.hubspot.com/scoughlan

Re: OpenChain Global Work Team Call - 2021-08-14 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

Shane Coughlan

#4193

The recording of our call is here:
https://www.openchainproject.org/news/2021/09/15/openchain-global-work-team-call-2021-09-14

Thank you all! Further details on discussions and outcomes shortly.

Regards

Shane

Show quoted text

On Sep 14, 2021, at 9:47, Shane Coughlan <scoughlan@linuxfoundation.org> wrote:

Today we will be discussing further global deployment of our security reference documentation + open discussion on SBOMs and DBOMs.

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
OpenChain Global Work Team Call - 2021-08-14 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

External link: SPDX Software Supply Chain Spec Becomes an ISO Standard

Shane Coughlan

#4192

Great article by Steven J. Vaughan-Nichols:

“ Alas, many of you haven’t heard of Software Package Data Exchange (SPDX). That’s a pity because SPDX is what’s going to save us from the misery of software supply chain attacks such as Solarwinds. Fortunately, while most of us haven’t been paying attention, the Linux Foundation and businesses such as Intel, Microsoft, and VMware, have been pushing it forward and now SPDX has become an International Standards Organization (ISO) standard: ISO/IEC 5962:2021.”

https://thenewstack.io/spdx-software-supply-chain-spec-becomes-an-iso-standard/

Shane Coughlan

OpenChain General Manager

+818040358083

Book a meeting:

https://meetings.hubspot.com/scoughlan

OpenChain Japan Planning Sub-Group Meeting - September 15th at 14:00 JST

Shane Coughlan

#4191

The OpenChain Japan Planning Sub-Group is a small subset of the overarching Japanese community. These regular planning meetings provide a platform to arrange bi-monthly or quarterly events, and the ensure the pipeline of information to and from the global groups are in sync.

The next planning subgroup meeting will be held on 9/15 14:00-15:00.
https://socionext.zoom.us/j/99975267803?pwd=ekhxaHA3bVZUSVU5M0dVMkF2Z0pkQT09

All parties welcome. The meeting will be held in Japanese.

OpenChain Global Work Team Call - 2021-08-14 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

Shane Coughlan

#4190

Today we will be discussing further global deployment of our security reference documentation + open discussion on SBOMs and DBOMs.

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
OpenChain Global Work Team Call - 2021-08-14 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

OpenChain UK Work Group Meeting 30th September 2021

Shane Coughlan

#4189

The next OpenChain UK Work Group meeting takes place virtually via Zoom on Thursday 30 September from 14:00 – 15:30 BST.

A full agenda will be launched prior to the meeting, which will be an interactive session with plenty of opportunity to ask questions and discuss OpenChain adoption and best practice. There has been a huge amount going on in the world of OpenChain, with a raft of new, high-profile conformance announcements, new optional extensions to the standard covering security and community engagement, and increased emphasis on the ease of use of tooling.

OpenChain’s General Manager Shane Coughlan will be joining us, and bringing us up to speed on new initiatives intended to make existing compliance tools like FOSSology and ScanCode easier to use. 

To reserve your free place on the virtual meeting, on 30 September 2021 from 14:00 – 15:30, please complete the online booking form:
https://ojimarketing.us19.list-manage.com/track/click?u=100dfa4f88cfb2baa11d391c2&id=e185a135d2&e=5d1e015448

To join the OpenChain UK Work Group visit https://lists.openchainproject.org/g/uk-wg and subscribe to the list to receive future details about the bi-monthly meetings and to sync and share information across all aspects of open source compliance.

OpenChain Automation Case Study launches September 22nd at 06:00 UTC (8am Berlin / 3pm Tokyo)

Shane Coughlan

#4188

Dear all

As previously discussed, we will be launching a rolling case study between September and December 2021. This case study will be anchored by webinars in and around a new GUI tool from Facebook + TNG.

We initially planned to begin on September 15th. However, Michael (FB) and Max (TNG) are holding a launch event in Germany on the 22nd, so we will align the global launch with that date. 

You will find the event details in the OpenChain global calendar. You can join this event via our normal Zoom room. No registration is necessary.
https://zoom.us/j/4377592799

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

Re: Open Source and ISO Standards - OpenChain and the Future of Compliance @ Open Source Summit - Sept 28th 2021

Shane Coughlan

#4187

Hi Steve!

OpenChain has had an extraordinary impact across multiple sectors of governance, including security and M&A, pushing beyond the boundaries of OSPOs per se. Because of this, my general hint is to filter event schedules by “OpenChain” to see what turns up :)

Another tip is that you will find four OpenChain mini-summits around Linux Foundation events throughout the year, normally Open Source Summit North America, Open Source Summit Europe, Open Source Summit Japan and the Linux Foundation Membership Summit. 

And, of course, everything we do will be flagged on this list unless our individual community members forget something they are doing :P

Regards

Shane

Show quoted text

On Sep 9, 2021, at 17:59, Steve Kilbane <stephen.kilbane@analog.com> wrote:

Thanks for highlighting these, Shane. I'd gone straight for the OSPOCon filter, which is where I assumed all OpenChain-relevant content would be, so missed all of them. 😊

I'm gonna have to read all those blurbs more carefully, aren't I?

steve

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan
Sent: 08 September 2021 05:59
To: OpenChain Main <main@lists.openchainproject.org>
Subject: [openchain] Open Source and ISO Standards - OpenChain and the Future of Compliance @ Open Source Summit - Sept 28th 2021

[External]

We have three major talks Open Source Summit in Seattle, kicking off with Open Source and ISO Standards - OpenChain and the Future of Compliance, continuing with our friends at Huawei discussing practical usage in a large operating system project, and concluding with our (traditional) mini-summit. Links below.

Open Source and ISO Standards - OpenChain and the Future of Compliance - Shane Martin Coughlan, Linux Foundation Tuesday, September 28 • 12:00pm - 12:50pm https://urldefense.com/v3/__https://sched.co/lARA__;!!A3Ni8CS0y2Y!vJl30UjGopGtsC2PrJlpkj6JK5KkMO5yrVk3R5bh1s-80WPRW4RX9T3JaeclwOanIimL$ 

Meet All Scenarios OS: A Distributed O.S. with Feet on the Ground - Davide Ricci, Huawei Tuesday, September 28 • 9:00am - 9:50am https://urldefense.com/v3/__https://sched.co/lAMZ__;!!A3Ni8CS0y2Y!vJl30UjGopGtsC2PrJlpkj6JK5KkMO5yrVk3R5bh1s-80WPRW4RX9T3JaeclwLx-KImd$ 

OpenChain Quarterly Mini-Summit (Pre-Registration Required) Thursday, September 30 • 2:00pm - 5:30pm https://urldefense.com/v3/__https://sched.co/l90E__;!!A3Ni8CS0y2Y!vJl30UjGopGtsC2PrJlpkj6JK5KkMO5yrVk3R5bh1s-80WPRW4RX9T3JaeclwDwQGlA7$ 

External Resource: Growing the CHAOSS Community Globally - CHAOSS 社区的全球化故事 - with Xiaoya, Willem, King, and Clement

Shane Coughlan

#4186

This podcast with some pillars of the Chinese open source community covers OpenChain thanks to our good friend King at Huawei:
https://podcast.chaoss.community/43

From a more general perspective, you can also find out more about current events in the Community Health Analytics Open Source Software Project :)

CfP - Open Compliance Summit - December 16th 2021 - Deadline October 1st

Shane Coughlan

#4185

Reminder about upcoming deadlines/dates to be aware of regarding the Open Compliance Summit CFP:

	• CFP Closes: Friday, October 1
	• CFP Notifications: Tuesday, October 19
	• Schedule Announcement: Thursday, October 21

https://events.linuxfoundation.org/open-compliance-summit/program/cfp/#%E6%A6%82%E8%A6%81

SPDX Becomes Internationally Recognized Standard for Software Bill of Materials

Shane Coughlan

#4184

Backed by many of the world’s largest companies for more than a decade, SPDX formally becomes an internationally recognized ISO/IEC JTC 1 standard during a transformational time for software and supply chain security

https://www.linuxfoundation.org/press-release/spdx-becomes-internationally-recognized-standard-for-software-bill-of-materials

Re: Open Source and ISO Standards - OpenChain and the Future of Compliance @ Open Source Summit - Sept 28th 2021

Steve Kilbane

#4183

Thanks for highlighting these, Shane. I'd gone straight for the OSPOCon filter, which is where I assumed all OpenChain-relevant content would be, so missed all of them. 😊

I'm gonna have to read all those blurbs more carefully, aren't I?

steve

Show quoted text

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan
Sent: 08 September 2021 05:59
To: OpenChain Main <main@lists.openchainproject.org>
Subject: [openchain] Open Source and ISO Standards - OpenChain and the Future of Compliance @ Open Source Summit - Sept 28th 2021

[External]

We have three major talks Open Source Summit in Seattle, kicking off with Open Source and ISO Standards - OpenChain and the Future of Compliance, continuing with our friends at Huawei discussing practical usage in a large operating system project, and concluding with our (traditional) mini-summit. Links below.

Open Source and ISO Standards - OpenChain and the Future of Compliance - Shane Martin Coughlan, Linux Foundation Tuesday, September 28 • 12:00pm - 12:50pm https://urldefense.com/v3/__https://sched.co/lARA__;!!A3Ni8CS0y2Y!vJl30UjGopGtsC2PrJlpkj6JK5KkMO5yrVk3R5bh1s-80WPRW4RX9T3JaeclwOanIimL$ 

Meet All Scenarios OS: A Distributed O.S. with Feet on the Ground - Davide Ricci, Huawei Tuesday, September 28 • 9:00am - 9:50am https://urldefense.com/v3/__https://sched.co/lAMZ__;!!A3Ni8CS0y2Y!vJl30UjGopGtsC2PrJlpkj6JK5KkMO5yrVk3R5bh1s-80WPRW4RX9T3JaeclwLx-KImd$ 

OpenChain Quarterly Mini-Summit (Pre-Registration Required) Thursday, September 30 • 2:00pm - 5:30pm https://urldefense.com/v3/__https://sched.co/l90E__;!!A3Ni8CS0y2Y!vJl30UjGopGtsC2PrJlpkj6JK5KkMO5yrVk3R5bh1s-80WPRW4RX9T3JaeclwDwQGlA7$

SK Telecom is the first Telecommunications Operator to adopt OpenChain ISO 5230

Shane Coughlan

#4182

SK Telecom, South Korea’s largest wireless carrier, is the first telecommunications operator to adopt OpenChain ISO 5230. This leap forward in governance builds on their long-term mission as a global ICT leader. Learn more:
https://www.openchainproject.org/featured/2021/09/08/sk-telecom

Open Source and ISO Standards - OpenChain and the Future of Compliance @ Open Source Summit - Sept 28th 2021

Shane Coughlan

#4181

We have three major talks Open Source Summit in Seattle, kicking off with Open Source and ISO Standards - OpenChain and the Future of Compliance, continuing with our friends at Huawei discussing practical usage in a large operating system project, and concluding with our (traditional) mini-summit. Links below.

Open Source and ISO Standards - OpenChain and the Future of Compliance - Shane Martin Coughlan, Linux Foundation
Tuesday, September 28 • 12:00pm - 12:50pm
https://sched.co/lARA

Meet All Scenarios OS: A Distributed O.S. with Feet on the Ground - Davide Ricci, Huawei
Tuesday, September 28 • 9:00am - 9:50am
https://sched.co/lAMZ

OpenChain Quarterly Mini-Summit (Pre-Registration Required)
Thursday, September 30 • 2:00pm - 5:30pm
https://sched.co/l90E

OpenChain Webinar #30 – Automation Case Study + Continual Improvement In Compliance Programs

Shane Coughlan

#4180

OpenChain Webinar #30 – Automation Case Study + Continual Improvement In Compliance Programs

Check out the full recording and the slides here:
https://www.openchainproject.org/news/2021/09/07/webinar-30

This is a pretty important webinar. One key take-away? We are going to be doing a massive, rolling case study from September through December 2021. The focus will be on automation, interoperability and ease-of-use. If you are considering automation, or improving automation, this is a great place to start.

Regards

Shane

—
Shane Coughlan
General Manager, OpenChain
e: scoughlan@linuxfoundation.org       
p: +81 (0) 80 4035 8083                
w: www.linuxfoundation.org

Schedule a call:
https://meetings.hubspot.com/scoughlan

Webinar in one hour (06:00 UTC): Automation Case Study from September through December 2021 + Continual improvement around open source license compliance programs

Shane Coughlan

#4179

Today we are talking about an 'Automation Case Study from September through December 2021' + 'Continual improvement around open source license compliance programs'

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
2021-09-07 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST