Date   

OpenChain Japan Work Group Meeting #21 – 2021-10-20 16:00~17:00 JST

 

Got a Japan team?

This is happening now:
OpenChain Japan Work Group Meeting #21 – 2021-10-20 16:00~17:00 JST

Venue

Zoom: https://lnkd.in/dd7isumy
Meeting ID: 99975267803

Password

]>guXS~6

Agenda

16:00 -16:02 Opening
16:02 -16:10 Keynote by Shane Coughlan
16:10 -16:20 about OpenChain Japan WG by S.Kato from Panasonic
16:20 -17:00 Case study “Growing Open Source Culture Inside Sony” by K.Sato from Sony
17:00 Closing


The Eclipse Foundation Announces It Has Achieved OpenChain ISO 5230 Conformance

 

BRUSSELS – October 19, 2021 – The Eclipse Foundation AISBL, a global community fostering a mature, scalable, and business-friendly environment for software collaboration and innovation, has announced that it is the first open source software foundation to confirm that its open source development and license management processes are OpenChain ISO 5230 conformant.

Learn More:
https://www.openchainproject.org/featured/2021/10/19/eclipse-foundation-conformance


NEC Announces OpenChain ISO 5230 Conformant Program

 

NEC Corporation, a Fortune 500 company and a leader in the integration of IT and network technologies, is the latest company to announce an OpenChain ISO 5230 Conformant program. This builds on their social values of safety, security, fairness and efficiency to promote a more sustainable world, and underlines a long-standing commitment to excellence in governance.

“NEC is proud to support the international standard for open source license compliance,” says Kimio Suganuma, General Manager of OSS Promotion Center. “It builds on our multi-decade support of open source in business environments. We look forward to continued collaboration with the global governance community, and helping to ensure supply chains are efficient and trustworthy.”

Learn More:
https://www.openchainproject.org/featured/2021/10/19/nec-conformant-program


Case Study: Open Source Compliance Automation and Interoperability #3 - Video Now Live

 

Part #3 of our epic automation case study explores the Open Source Review Toolkit (ORT) both in the context of the GUI tool from TNG/Facebook and when used on its own.
https://www.openchainproject.org/featured/2021/10/15/automation-case-study-3 
This marks the moment when we begin to expand on automation options across the ecosystem in more detail. There are various choices people make when selecting tooling that we hope to unpack here, shortly with TERN, and over time with everything from FOSSology to FOSSLight and beyond.

Coming Next:
  • October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
  • November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
  • November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
  • December 8th, Facebook Usage Case Study.
  • December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.
Seen Previously:


Re: OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

 


Thanks Marcel and Chris!

Mark, over to you 😊

On Oct 16, 2021, at 15:01, Marcel (PwC DE) via lists.openchainproject.org <marcel.scholze=pwc.com@...> wrote:


Hello Chris,

Thanks for your efforts with this document!
Please find attached some comments, suggestions and thoughts.
Happy to discuss.

Kind regards
Marcel

Marcel Scholze (DE)
PwC | Director | Open Source Software Services & IT-Sourcing
Phone: +49 69 95851746 | Mobile: +49 151 161 57 049
Email: marcel.scholze@...
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft
Friedrich-Ebert-Anlage 35-37 | 60327 | Frankfurt a. M. | Germany

Find out about Open Source Software Management: https://www.pwc.de/opensource

At PwC we work flexibly - so while it suits me to email now, I do not expect a response or action outside of your own working hours.

Vorsitzender des Aufsichtsrates: WP StB Dr. Norbert Vogelpoth
Geschäftsführer: WP StB Dr. Ulrich Störk, WP StB Dr. Peter Bartels, Dr. Joachim Englert, WP StB Petra Justenhoven, WP Clemens Koch, StB Marius Möller, WP StB Uwe Rittmann, StB RA Klaus Schmidt, StB CPA Mark Smith
Sitz der Gesellschaft: Frankfurt am Main, Amtsgericht Frankfurt am Main HRB 107858
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft ist Mitglied von PricewaterhouseCoopers International, einer Company limited by guarantee registriert in England und Wales
Datenschutz: Hinweise zur Datenverarbeitung bei PricewaterhouseCoopers GmbH WPG finden Sie unter Datenschutzhinweise PricewaterhouseCoopers GmbH WPG


On Fri, 15 Oct 2021 at 08:46, Shane Coughlan <scoughlan@...> wrote:
Thank you Chris!

Flagging for Mark (CC) for review.

> On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
>
> Shane
> I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached.  I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
>
> Regards
> Chris
>
> On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
>
>
> All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
> https://zoom.us/j/4377592799
>
> Learn more about the current guide here:
> https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
>
>
>
>
>
> <OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>







Diese Information ist ausschliesslich fuer den Adressaten bestimmt und kann vertrauliche oder gesetzlich geschuetzte Informationen enthalten. Wenn Sie nicht der bestimmungsgemaesse Adressat sind, unterrichten Sie bitte den Absender und vernichten Sie diese Mail. Anderen als dem bestimmungsgemaessen Adressaten ist es untersagt, diese E-Mail zu lesen, zu speichern, weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden. Wir verwenden aktuelle Virenschutzprogramme. Fuer Schaeden, die dem Empfaenger gleichwohl durch von uns zugesandte mit Viren befallene E-Mails entstehen, schliessen wir jede Haftung aus. 
* * * * *
The information contained in this email is intended only for its addressee and may contain confidential and/or privileged information. If the reader of this email is not the intended recipient, you are hereby notified that reading, saving, distribution or use of the content of this email in any way is prohibited. If you have received this email in error, please notify the sender and delete the email. We use updated antivirus protection software. We do not accept any responsibility for damages caused anyhow by viruses transmitted via email.


External Webinar: Hot Topics: Open Source Software Legal Update

 

Tony from GTC Law let me know they plan to have a section on the Executive Order and to discuss OpenChain (also also SPDX) as approaches to meeting that order’s requirements.

Learn more about the webinar registration details here:

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Telco work group meeting 2021-10-21 07:00 UTC

 

Dear all

We hold a telco work group meeting this Thursday the 21st at 07:00 UTC. It will be hosted by Jimmy from Ericsson and all are invited to attend. As he noted:

“We hope to continue our discussion started last time on Software Bill of Material and how we best can create alignment and a voluntary best practice "standard" we can adhere to so that whatever is supplied into, our out of the Telco ecosystem is easily digestible in a predictable manner.”

Dial in here:

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


OpenChain Webinar Today 2021-08-16 @ 14:00 UTC - Postponed due to scheduling change

 

Dear all

Today’s regular bi-weekly webinar is being postponed due to a scheduling conflict.

You are reminder that:

We hold a telco work group meeting this Thursday the 21st at 07:00 UTC.

and

Part #4 of our automation case study will take place on Wednesday the 27th at 14:00 UTC.

Our regular global work team call takes place next Monday the 25th at 14:00 UTC as usual.

All these events are in the global calendar and all are invited to attend without registration or restriction.

Regards

Shane


Re: OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

Marcel (PwC DE)
 

Hello Chris,

Thanks for your efforts with this document!
Please find attached some comments, suggestions and thoughts.
Happy to discuss.

Kind regards
Marcel

Marcel Scholze (DE)
PwC | Director | Open Source Software Services & IT-Sourcing
Phone: +49 69 95851746 | Mobile: +49 151 161 57 049
Email: marcel.scholze@...
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft
Friedrich-Ebert-Anlage 35-37 | 60327 | Frankfurt a. M. | Germany

Find out about Open Source Software Management: https://www.pwc.de/opensource

At PwC we work flexibly - so while it suits me to email now, I do not expect a response or action outside of your own working hours.

Vorsitzender des Aufsichtsrates: WP StB Dr. Norbert Vogelpoth
Geschäftsführer: WP StB Dr. Ulrich Störk, WP StB Dr. Peter Bartels, Dr. Joachim Englert, WP StB Petra Justenhoven, WP Clemens Koch, StB Marius Möller, WP StB Uwe Rittmann, StB RA Klaus Schmidt, StB CPA Mark Smith
Sitz der Gesellschaft: Frankfurt am Main, Amtsgericht Frankfurt am Main HRB 107858
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft ist Mitglied von PricewaterhouseCoopers International, einer Company limited by guarantee registriert in England und Wales
Datenschutz: Hinweise zur Datenverarbeitung bei PricewaterhouseCoopers GmbH WPG finden Sie unter Datenschutzhinweise PricewaterhouseCoopers GmbH WPG


On Fri, 15 Oct 2021 at 08:46, Shane Coughlan <scoughlan@...> wrote:
Thank you Chris!

Flagging for Mark (CC) for review.

> On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
>
> Shane
> I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached.  I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
>
> Regards
> Chris
>
> On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
>
>
> All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
> https://zoom.us/j/4377592799
>
> Learn more about the current guide here:
> https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
>
>
>
>
>
> <OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>







Diese Information ist ausschliesslich fuer den Adressaten bestimmt und kann vertrauliche oder gesetzlich geschuetzte Informationen enthalten. Wenn Sie nicht der bestimmungsgemaesse Adressat sind, unterrichten Sie bitte den Absender und vernichten Sie diese Mail. Anderen als dem bestimmungsgemaessen Adressaten ist es untersagt, diese E-Mail zu lesen, zu speichern, weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden. Wir verwenden aktuelle Virenschutzprogramme. Fuer Schaeden, die dem Empfaenger gleichwohl durch von uns zugesandte mit Viren befallene E-Mails entstehen, schliessen wir jede Haftung aus. 
* * * * *
The information contained in this email is intended only for its addressee and may contain confidential and/or privileged information. If the reader of this email is not the intended recipient, you are hereby notified that reading, saving, distribution or use of the content of this email in any way is prohibited. If you have received this email in error, please notify the sender and delete the email. We use updated antivirus protection software. We do not accept any responsibility for damages caused anyhow by viruses transmitted via email.


Re: OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

Christopher Wood
 

Good morning i am sorry that I missed your review this morning. I dialed into the zoom meeting but there was no connection, then I realzed that it was 1:45 AM when I received the email. Let me know what you thought.
Best Regards
Chris

On Oct 15, 2021, at 1:45 AM, Shane Coughlan <scoughlan@...> wrote:

Thank you Chris!

Flagging for Mark (CC) for review.

On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:

Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.

Regards
Chris

On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:


All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799

Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available





<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>





<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>


Re: OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

 

Thank you Chris!

Flagging for Mark (CC) for review.

On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:

Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.

Regards
Chris

On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:


All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799

Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available





<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>


REMINDER: Case Study: Open Source Compliance Automation and Interoperability #3 - GUI + ORT Deep Dive 2021-10-13 08:00 UTC / 09:00 BST / 10:00 CEST / 16:00 CST / 17:00 KST + JST

 

Our third automation case study webinar is about to start. Join here:

It will be a pretty special event and include some technical deep-dives as well as examples of easy automation usage. Max will take lead on explaining simplicity in using a GUI to access the Open Source Review Toolkit. Sebastian and Thomas will take us on a deep-dive into the tool itself.

Not to be missed. Dial in details below and on our global calendar.

Case Study: Open Source Compliance Automation and Interoperability #3 - GUI + ORT Deep Dive 2021-10-13 08:00 UTC / 09:00 BST / 10:00 CEST / 16:00 CST / 17:00 KST + JST

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:


REMINDER: Case Study: Open Source Compliance Automation and Interoperability #3 - GUI + ORT Deep Dive 2021-10-13 08:00 UTC / 09:00 BST / 10:00 CEST / 16:00 CST / 17:00 KST + JST

 

Dear all 

This is a reminder that our third automation case study webinar takes place today. It will be a pretty special event and include some technical deep-dives as well as examples of easy automation usage.

Max will take lead on explaining simplicity in using a GUI to access the Open Source Review Toolkit. Sebastian and Thomas will take us on a deep-dive into the tool itself.

Not to be missed. Dial in details below and on our global calendar.

Case Study: Open Source Compliance Automation and Interoperability #3 - GUI + ORT Deep Dive 2021-10-13 08:00 UTC / 09:00 BST / 10:00 CEST / 16:00 CST / 17:00 KST + JST

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


RECORDING: OpenChain Global Webinar 2021-10-12

 

We talk about the Security Assurance Reference Guide (PR to come) and Playbooks (priority for education work group in Q4 2021):
https://www.openchainproject.org/news/2021/10/12/openchain-global-webinar-2021-10-12


REMINDER: Case Study: Open Source Compliance Automation and Interoperability #3 - GUI + ORT Deep Dive 2021-10-13 08:00 UTC / 09:00 BST / 10:00 CEST / 16:00 CST / 17:00 KST + JST

 

Dear all 

This is a reminder that our third automation case study webinar takes place tomorrow. It will be a pretty special event and include some technical deep-dives as well as examples of easy automation usage.

Max will take lead on explaining simplicity in using a GUI to access the Open Source Review Toolkit. Sebastian and Thomas will take us on a deep-dive into the tool itself.

Not to be missed. Dial in details below and on our global calendar.

Case Study: Open Source Compliance Automation and Interoperability #3 - GUI + ORT Deep Dive 2021-10-13 08:00 UTC / 09:00 BST / 10:00 CEST / 16:00 CST / 17:00 KST + JST

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


OpenChain Global Work Team call at 06:00 UTC today (2021-10-12)

 

Our regular bi-weekly work team call will be held in just over two hours (06:00 UTC 2021-10-12). This will probably be a relatively short call focused on activity summary and creating a “shopping list” of things to focus on during Q4.

Join here:
https://zoom.us/j/4377592799

Regards

Shane


RECORDING: OpenChain Webinar #31 - Agile Development

 


RECORDING: Q3 2021 Mini-Summit - Focus: Security Assurance Reference Guide

 

Dear all

The recording of our recent mini-summit is now available. Huge thanks to Mark Gisi for leading the discussion with a focus on our Security Assurance Reference Guide.
https://youtu.be/KBVlcZt4T8c

Please note: this was a face-to-face event with dial-in support. We had some audio issues on the dial-in. The recording has been adjusted to remove sections of blank space and noise.

Regards

Shane


Shane Coughlan
General Manager, OpenChain
e: scoughlan@...
p: +81 (0) 80 4035 8083
w: www.linuxfoundation.org

Schedule a call:
https://meetings.hubspot.com/scoughlan


Re: OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

Christopher Wood
 

Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached.  I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.

Regards
Chris

On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:


All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.

Learn more about the current guide here:





REMINDER OpenChain Bi-Weekly Webinar - 2021-10-05 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

 

Our regular webinar starts in two minutes.

Today we are talking about 'agile development' with Jan from EACG.

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
OpenChain Bi-Weekly Webinar - 2021-10-05 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

601 - 620 of 4835