Date   

Re: OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

Christopher Wood
 

Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached.  I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.

Regards
Chris

On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:


All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.

Learn more about the current guide here:





REMINDER OpenChain Bi-Weekly Webinar - 2021-10-05 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

 

Our regular webinar starts in two minutes.

Today we are talking about 'agile development' with Jan from EACG.

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
OpenChain Bi-Weekly Webinar - 2021-10-05 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


OpenChain Bi-Weekly Webinar - 2021-10-05 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

 

Today we are talking about 'agile development' with Jan from EACG.

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
OpenChain Bi-Weekly Webinar - 2021-10-05 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Shane away from computer October 2nd to October 10th

Jimmy Ahlberg
 

HI Shane, If we could get the Telco workgroup call added to the calendar before then it would be great. If we can find a slot on the 20th-21st that be fantastic. I think this time we prioritise a time that works for EU-JAPAN so that we can get Huawei, as well as our Japanse friends onboard.

BR J

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: den 1 oktober 2021 08:33
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Korea <korea-wg@lists.openchainproject.org>; OpenChain Japan <japan-wg@lists.openchainproject.org>; OpenChain Taiwan <taiwan-wg@lists.openchainproject.org>; OpenChain Germany <germany-wg@lists.openchainproject.org>; OpenChain UK <uk-wg@lists.openchainproject.org>; OpenChain Partners <partners@lists.openchainproject.org>; OpenChain India <india-wg@lists.openchainproject.org>; OpenChain Specification <specification@lists.openchainproject.org>
Subject: [openchain] Shane away from computer October 2nd to October 10th

Dear all

I am taking a week of vacation and will be away from email, slack and our other social channels during this time.

Our bi-weekly webinar will take place as usual on Tuesday the 5th of October at 06:00 UTC. Jan Thielscher of EACG will be doing one of our periodic broader topics and covering “agile challenges.” I will host as usual.

I am working on the recording of our mini-summit. We had some issues with the dial-in audio quality. I will put together the best possible version for release on Monday the 11th of October. Kudos to Mark Gisi for hosting a terrific and productive summit in Seattle, and thanks to everyone who contributed and made it a resounding success.

Need me urgently? My cellphone is: +818040358083

See you all later!

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Shane away from computer October 2nd to October 10th

 

Dear all

I am taking a week of vacation and will be away from email, slack and our other social channels during this time.

Our bi-weekly webinar will take place as usual on Tuesday the 5th of October at 06:00 UTC. Jan Thielscher of EACG will be doing one of our periodic broader topics and covering “agile challenges.” I will host as usual.

I am working on the recording of our mini-summit. We had some issues with the dial-in audio quality. I will put together the best possible version for release on Monday the 11th of October. Kudos to Mark Gisi for hosting a terrific and productive summit in Seattle, and thanks to everyone who contributed and made it a resounding success.

Need me urgently? My cellphone is: +818040358083

See you all later!

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

 

Excellent! Invite sent to you, Thomas, Helio and Max :)

Thank you Sebastian!

On Sep 30, 2021, at 20:13, Sebastian Schuberth <sschuberth@gmail.com> wrote:

Hi Shane,

yes, I could do both. If you can send an invite, I'll forward it to
the other ORT core developers / ORT developer meeting participants.

--
Sebastian Schuberth

On Thu, Sep 30, 2021 at 12:21 PM Shane Coughlan
<scoughlan@linuxfoundation.org> wrote:

Hi Sebastian!

I would love if you and (or) Thomas could join to help us genuinely dig deep into the ORT side of things.

Would European morning (say 9 or 10am CET) work for you on the 13th?

Regards

Shane

On Sep 30, 2021, at 18:49, Sebastian Schuberth <sschuberth@gmail.com> wrote:

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@linuxfoundation.org> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

 

All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799

Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

Sebastian Schuberth
 

Hi Shane,

yes, I could do both. If you can send an invite, I'll forward it to
the other ORT core developers / ORT developer meeting participants.

--
Sebastian Schuberth

On Thu, Sep 30, 2021 at 12:21 PM Shane Coughlan
<scoughlan@linuxfoundation.org> wrote:

Hi Sebastian!

I would love if you and (or) Thomas could join to help us genuinely dig deep into the ORT side of things.

Would European morning (say 9 or 10am CET) work for you on the 13th?

Regards

Shane

On Sep 30, 2021, at 18:49, Sebastian Schuberth <sschuberth@gmail.com> wrote:

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@linuxfoundation.org> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

 

Hi Sebastian!

I would love if you and (or) Thomas could join to help us genuinely dig deep into the ORT side of things.

Would European morning (say 9 or 10am CET) work for you on the 13th?

Regards

Shane

On Sep 30, 2021, at 18:49, Sebastian Schuberth <sschuberth@gmail.com> wrote:

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@linuxfoundation.org> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

Sebastian Schuberth
 

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@linuxfoundation.org> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

 

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

  • October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
  • October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
  • November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
  • November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
  • December 8th, Facebook Usage Case Study.
  • December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:


External talk: 'Growing Open Source Culture Inside Sony’ at Open Source Summit today

 

There is a pretty great talk I wanted to flag today (Tuesday, September 28) at the Open Compliance Summit.

It is entitled 'Growing Open Source Culture Inside Sony’ and will presented by Kazumi Sato and Hiroyuki Fukuchi of Sony Group Corporation. Sony has long been a leader in open source, so I would regard this as a “must see” for those at the event.

The talk will take place between 17:00 and 17:50 PST. Learn more here:
https://sched.co/lAOz

(This means it will be morning on the 29th for Asia)

Regards

Shane


Shane Coughlan
General Manager, OpenChain
e: scoughlan@linuxfoundation.org
p: +81 (0) 80 4035 8083
w: www.linuxfoundation.org

Schedule a call:
https://meetings.hubspot.com/scoughlan


Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Gilles Gravier
 

I've been using Synology NAS for years. They just work. I replaced my old one with a new one just by popping the old disks in the new box, and 20 minutes later it was up and running with no other disruption to service. These things are rock solid. Mine has been now up for 72 days without a reboot... I imagine next reboot will be with next firmware update. :)

And yes, they do almost everything open source... so it's nice to know they have OpenChain standard to support their development process!

Cheers,
Gilles

Le lun. 27 sept. 2021 à 14:01, Jari Koivisto <jari.p.koivisto@...> a écrit :
Great news. If I didn't have NAS boxes already and I was going to get some, I would definitely go for the Synology solution. 

BR,

  Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Mon, 27 Sept 2021 at 01:22, Shane Coughlan <scoughlan@...> wrote:
Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry. 
https://www.openchainproject.org/news/2021/09/26/synology






--
Gilles Gravier  - Gilles@...
GSM : +33618347147 and +41794728437
Skype : ggravier | PGP Key : 0xA610DB098DE6D026


Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Jari Koivisto
 

Great news. If I didn't have NAS boxes already and I was going to get some, I would definitely go for the Synology solution. 

BR,

  Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Mon, 27 Sept 2021 at 01:22, Shane Coughlan <scoughlan@...> wrote:
Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry. 
https://www.openchainproject.org/news/2021/09/26/synology





Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Sebastian Crane
 

Synology, a data storage and IT solutions manufacturer, is the latest
organization to announce an OpenChain ISO 5230 conformant
program. This builds on their commitment to excellence in products and
governance as one of the leaders in the networked storage industry.
https://www.openchainproject.org/news/2021/09/26/synology
This is a very exciting announcement! I know quite a few people who rely
on Synology devices for their data storage needs, so I'll be sure to
spread the news to them :)

Best wishes,

Sebastian


DEFERRED - OpenChain global work team call this week

 

Today’s regular bi-weekly global work team call is being deferred.

I would like to put all our attention on the OpenChain Quarterly Mini Summit on September 30th @ 2:00pm - 5:00pm PST.

We will be explicitly reviewing and editing the security assurance reference guide and discussing other key OpenChain guides at this event.

You can attend with our usual link:

https://zoom.us/j/4377592799


Details also in the global calendar!

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Gilles Gravier
 

Yeah!

Congratulations to the Synology team! Well played. A tribute to their long term use of open source.

Gilles

Le lun. 27 sept. 2021 à 01:22, Shane Coughlan <scoughlan@...> a écrit :
Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry. 
https://www.openchainproject.org/news/2021/09/26/synology






--
Gilles Gravier  - Gilles@...
GSM : +33618347147 and +41794728437
Skype : ggravier | PGP Key : 0xA610DB098DE6D026


OpenChain Korea Work Group Meeting #11 – 2021-09-30 - 14:00-16:00 KST

 

The OpenChain Korea Work Group will hold its 11th meeting on the 2021-09-30 (Thursday) between 14:00 and 16:00 KST. You can join the meeting via Zoom: https://line.zoom.us/s/97987235521

Learn More (view the schedule):
https://www.openchainproject.org/featured/2021/09/26/korea-wg-11


OpenChain Quarterly Mini Summit Final Details - September 30th @ 2:00pm - 5:00pm PST

 

This is a reminder that the OpenChain mini-summit adjacent to Open Source Summit (Seattle) is coming up.

Date: Thursday, September 30th
Time: 2:00pm - 5:00pm PST

Beverage Service:
• On Consumption
• Bottled Organic Iced Tea
• Still & Sparkling Waters
• Pepsi Soft Drinks
• Coffee and Tea

We currently have 24 physical attendees registered for the meeting.

Mark Gisi, chair of the OpenChain Spec team, will be leading the conversation around the Security Assurance Reference Guide:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available

This will also be an excellent opportunity to talk about where the specification is today, where it may go tomorrow, and what other references guides would be useful in the near term.

Want to attend the meeting?
https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openchain-quarterly-mini-summit

Want to dial-in? All being well, we will be talking via Zoom on Mark’s computer :)
https://zoom.us/j/4377592799


Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

 

Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry.
https://www.openchainproject.org/news/2021/09/26/synology

101 - 120 of 4317