Date   

OpenChain China Work Group Meeting 2021-12-08 10:00 CST

 

The OpenChain Project, in collaboration with our local community and our friends in policy and standards institutes, will host the final China meeting of the year at 10:00 China Standard Time tomorrow.

All welcome!

https://zoom.us/j/4377592799


Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: OpenChain Automation Case Study #6 2021 -12-08 (Wednesday) at 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.

 

A reminder that we have our 6th (and final part for 2021) of the automation case study tomorrow.

We look forward to seeing you on 2021-12-08 (Wednesday) at 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.

We will dig further into supply chain management with SBOMs. The goal is to ensure that every company, everywhere will have a confident starting point for rolling out solutions that work for manual and automated review.

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

On Dec 6, 2021, at 19:33, Shane Coughlan <scoughlan@linuxfoundation.org> wrote:

Dear All

Due to a high level of interest in our automation case-study focus on a virtual supply chain we are going to do a little adjustment in our final webinar before the Open Compliance Summit.

Part #6 will expand on the supply chain discussion from last time. Then after the Open Compliance Summit we will continue the case study in January with the Facebook case study, information about online services around ScanCode, and more.

All welcome. No registration.
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Confirm your timezone: 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.

Regards

Shane


Re: OpenChain Bi-Weekly Webinar 2021 -12-07 (Tomorrow) 14:00 UTC (07:00 PDT / 15:00 CET / 22:00 CST / 23:00 JST)

 

Apologies. Timing was incorrect on this mail. Correct timing is on the global calendar.

Regards

Shane

On Dec 6, 2021, at 19:29, Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@lists.openchainproject.org> wrote:

Dear All

Our regular bi-weekly webinar this week will be focused on TODO Group. Ana, who is leading the coordination of our sister project, will join and run through the latest context for their work. Highly recommended for anyone thinking of creating a physical or virtual OSPO!

All welcome. No registration.
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Regards

Shane




OpenChain Automation Case Study #6 2021 -12-08 (Wednesday) at 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.

 

Dear All

Due to a high level of interest in our automation case-study focus on a virtual supply chain we are going to do a little adjustment in our final webinar before the Open Compliance Summit.

Part #6 will expand on the supply chain discussion from last time. Then after the Open Compliance Summit we will continue the case study in January with the Facebook case study, information about online services around ScanCode, and more.

All welcome. No registration.
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Confirm your timezone: 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.

Regards

Shane


OpenChain Bi-Weekly Webinar 2021 -12-07 (Tomorrow) 14:00 UTC (07:00 PDT / 15:00 CET / 22:00 CST / 23:00 JST)

 

Dear All

Our regular bi-weekly webinar this week will be focused on TODO Group. Ana, who is leading the coordination of our sister project, will join and run through the latest context for their work. Highly recommended for anyone thinking of creating a physical or virtual OSPO!

All welcome. No registration.
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Regards

Shane


Re: Meanwhile in Korea… (Meeting 12 on 20th)

Haksung
 

Please pray that I can survive to the end of this game on December 20th...

<gather.town by Soim>


Re: Meanwhile in Korea… (Meeting 12 on 20th)

Norio Kobota
 

Wow, great. So interesting!

It would be interesting to hold an event as a competition like DEFCON.

差出人: main@... <main@...> が Jeff Luszcz <jeffluszczdev@...> の代理で送信
送信日時: Sunday, December 5, 2021 3:33:48 AM
宛先: main@... <main@...>
件名: Re: [openchain] Meanwhile in Korea… (Meeting 12 on 20th)
 
You have 45 minutes to create a thirdpartynotices.txt file from these 3500 node packages.
Start!

On Fri, Dec 3, 2021 at 2:03 AM Shane Coughlan <scoughlan@...> wrote:
Image by Soim of the Korea Work Group...
I am not totally sure what our Korean Work Group is planning for the 12th meeting on the 20th but I suspect we may not be seeing all of them again.


Re: Meanwhile in Korea… (Meeting 12 on 20th)

Jeff Luszcz
 

You have 45 minutes to create a thirdpartynotices.txt file from these 3500 node packages.
Start!

On Fri, Dec 3, 2021 at 2:03 AM Shane Coughlan <scoughlan@...> wrote:
Image by Soim of the Korea Work Group...
I am not totally sure what our Korean Work Group is planning for the 12th meeting on the 20th but I suspect we may not be seeing all of them again.


Meanwhile in Korea… (Meeting 12 on 20th)

 

Image by Soim of the Korea Work Group...
I am not totally sure what our Korean Work Group is planning for the 12th meeting on the 20th but I suspect we may not be seeing all of them again.


Japan Work Group Advent Calendar 2021 Now Live!

 

Our annual Japan Work Group Advent Calendar is now underway. This is perhaps the largest annual community activity around our global project, with over 20 articles published by contributors from a wide range of companies. Posts often have English summaries, and this is a great way to check out some of the key Far Eastern news around OpenChain ISO/IEC 5230:2020. Huge thanks to Watanabe San, Fukuchi San, Owada San, and everyone else who makes this happen!
Learn more:


Re: DONE? - Introduction to Open Source License Compliance Management (LFC193)

 

OK! I will forward to the team :)

On Nov 26, 2021, at 14:33, Balakrishna Mukundaraj (MS/ECA5-XC) <Balakrishna.Mukundraj@in.bosch.com> wrote:

Hi Shane,

Sure, we can do that. I forgot to mention thank you and everyone for getting it completed 😊

We can start working again once we get review point from them.

Mit freundlichen Grüßen / Best regards

Mukundaraj Balakrishna

Information co-ordination (RBEI/ECA5)
Robert Bosch GmbH | Postfach 10 60 50 | 70049 Stuttgart | GERMANY | www.bosch.com
Tel. +91 80 6657-5938 | Mobile +91-96207-91838 | Fax +91 80 6617-0711 | Balakrishna.Mukundraj@in.bosch.com

Registered Office: Stuttgart, Registration Court: Amtsgericht Stuttgart, HRB 14000;
Chairman of the Supervisory Board: Franz Fehrenbach; Managing Directors: Dr. Volkmar Denner,
Prof. Dr. Stefan Asenkerschbaumer, Filiz Albrecht, Dr. Christian Fischer, Dr. Stefan Hartung,
Dr. Markus Heyn, Harald Kröger, Rolf Najork

-----Original Message-----
From: Shane Coughlan <scoughlan@linuxfoundation.org>
Sent: Friday, November 26, 2021 9:53 AM
To: Balakrishna Mukundaraj (MS/ECA5-XC) <balakrishna.mukundraj@in.bosch.com>
Cc: OpenChain Education <education@lists.openchainproject.org>; OpenChain Main <main@lists.openchainproject.org>
Subject: DONE? - Introduction to Open Source License Compliance Management (LFC193)

Hi Balakrishna

It seems like our Introduction to Open Source License Compliance Management (LFC193) course may be done:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY%2Fedit%3Fpli%3D1%23&;data=04%7C01%7Cbalakrishna.mukundraj%40in.bosch.com%7Cf711c2d39d6f4b7aa6a008d9b0945fed%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637734973574682076%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=loTOHYEObR5IzKByHCCJCbAtZUEC%2FJHWuRH6S4oBSU0%3D&amp;reserved=0

Shall we skip the weekly call today and send this material to LF Training for confirmation?

Regards

Shane


Re: DONE? - Introduction to Open Source License Compliance Management (LFC193)

Balakrishna Mukundaraj
 

Hi Shane,

Sure, we can do that. I forgot to mention thank you and everyone for getting it completed 😊

We can start working again once we get review point from them.

Mit freundlichen Grüßen / Best regards

Mukundaraj Balakrishna

Information co-ordination (RBEI/ECA5)
Robert Bosch GmbH | Postfach 10 60 50 | 70049 Stuttgart | GERMANY | www.bosch.com
Tel. +91 80 6657-5938 | Mobile +91-96207-91838 | Fax +91 80 6617-0711 | Balakrishna.Mukundraj@in.bosch.com

Registered Office: Stuttgart, Registration Court: Amtsgericht Stuttgart, HRB 14000;
Chairman of the Supervisory Board: Franz Fehrenbach; Managing Directors: Dr. Volkmar Denner,
Prof. Dr. Stefan Asenkerschbaumer, Filiz Albrecht, Dr. Christian Fischer, Dr. Stefan Hartung,
Dr. Markus Heyn, Harald Kröger, Rolf Najork

-----Original Message-----
From: Shane Coughlan <scoughlan@linuxfoundation.org>
Sent: Friday, November 26, 2021 9:53 AM
To: Balakrishna Mukundaraj (MS/ECA5-XC) <balakrishna.mukundraj@in.bosch.com>
Cc: OpenChain Education <education@lists.openchainproject.org>; OpenChain Main <main@lists.openchainproject.org>
Subject: DONE? - Introduction to Open Source License Compliance Management (LFC193)

Hi Balakrishna

It seems like our Introduction to Open Source License Compliance Management (LFC193) course may be done:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY%2Fedit%3Fpli%3D1%23&;data=04%7C01%7Cbalakrishna.mukundraj%40in.bosch.com%7Cf711c2d39d6f4b7aa6a008d9b0945fed%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637734973574682076%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&amp;sdata=loTOHYEObR5IzKByHCCJCbAtZUEC%2FJHWuRH6S4oBSU0%3D&amp;reserved=0

Shall we skip the weekly call today and send this material to LF Training for confirmation?

Regards

Shane


Revision 1: OpenChain Self-Certification Questionnaire

 

Soft launch today of a new printable variant of our self-certification questionnaire. Seeking review and comments before sharing more widely next week:
https://github.com/OpenChain-Project/Reference-Material/tree/master/Self-Certification-Questionnaire/Official/2.1/en

Regards

Shane


DONE? - Introduction to Open Source License Compliance Management (LFC193)

 

Hi Balakrishna

It seems like our Introduction to Open Source License Compliance Management (LFC193) course may be done:
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit?pli=1#

Shall we skip the weekly call today and send this material to LF Training for confirmation?

Regards

Shane


OpenChain Automation Case Study #5 - Running a Supply Chain using open source tooling + SPDX

 

Recording now available. Part #5 explores how SPDX ISO/IEC 5962 works as a Software Bill of Materials (SBOM) in the supply chain through existing open source tooling for open source compliance.
https://www.openchainproject.org/news/2021/11/24/automation-case-study-5

Check out the entire case study here:
https://www.openchainproject.org/automation-case-study

Huge thanks to Maximilian Huber at TNG for running this webinar.

Regards

Shane


Shane Coughlan
General Manager, OpenChain
e: scoughlan@linuxfoundation.org
p: +81 (0) 80 4035 8083
w: www.linuxfoundation.org

Schedule a call:
https://meetings.hubspot.com/scoughlan


Global Work Group Meeting 2021-11-22 (Final Stage of Making Our New Playbook)

 

We completed most of the work on our new Playbook. This document is targeted for release on December 16th at the Open Compliance Summit.
https://www.openchainproject.org/news/2021/11/23/global-work-group-meeting-2021-11-22


Education Work Team Meeting 2021-11-19

 

We finished all major work on the online training course. Check it out:
https://www.openchainproject.org/news/2021/11/22/education-work-team-meeting-2021-11-19


OpenChain Supplier Education Pack Now In Dutch

 

Thanks to the hard work of Zier den Heijer, Shurjeel Tousif shurjeel.tousif@... and the rest of the team at SeQuenX BV we have a Dutch translation of the Supplier Education Pack. This pack is a one email, one attachement method to bring your suppliers up-to-speed on open source, OpenChain ISO/IEC 5230 and how to adopt the International Standard for open source license compliance.

With this milestone we have the Supplier Education Pack available in nine languages.

Get the Supplier Education Pack:
https://www.openchainproject.org/supplier-education-pack


Re: OpenChain Global Work Team Meeting - 2021 -11-22 (Today) @ 14:00 UTC / 06:00 PST / 15:00 CET / 19:30 IST / 22:00 CST / 23:00 KST + JST

 

Thanks Sebastian! Very useful input.

I concur that more information and knowledge is more helpful than less. Our only balancing act is to provide it without anyone thinking the OpenChain Project endorses X interpretation of a license. Have several sources and a disclaimer covers a lot (or all) of this ground.

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

On Nov 23, 2021, at 0:21, Sebastian Crane <seabass-labrax@gmx.com> wrote:

Dear Shane,

Thanks for leading the interesting discussion today; sorry for having to
leave early. During the meeting, my parents called me to ask if - A: I
knew what AnyDesk was, and B: why 'Amazon Customer Support' wanted them
to install it! All danger was averted, I am glad to say.

It's always good to share links about complex topics such as license
compatibility, as search engines are unfortunately not wont to promote
miscellaneous YAML files on GitHub!

As for the topic of whether OpenChain should be linking to license
compatibility information, I take the view that false negatives are
safer than false positives here. Compatibility information, even if not
100% correct, can still be useful for instance to quickly flag up issues
such as combining code under the CDDL with (GPL'ed) Linux.

For a company which would like to avoid risk, it's perfectly acceptable
to automatically reject any such 'incompatible' combinations whilst
taking the 'compatible' combinations with a grain of salt. However, in
the case of Canonical with ZFS [1], if there are no reasonable
alternatives for a certain piece of software, the company can still
spend time to manually review the license compatibility for their own
use-case.

When it comes to companies with more of a software development focus,
then using tools such as the OSS Review Toolkit with the DoubleOpen
machine-readable information that we discussed could be very
useful. Even if not a substitute for specific legal review, it can be
very good to produce noisy warnings in the CI/CD system when an upstream
software dependency changes its license to something incompatible, which
does happen now and then [2]. Again, this is using the information as
more of a source of warnings rather than a source of truth.

Hope this helps, and I look forward to seeing the playbook be published!
:)

Best wishes,

Sebastian

1: https://ubuntu.com/blog/zfs-licensing-and-linux
2: https://www.theregister.com/2021/03/25/ruby_rails_code/





REMINDER: Today is the Automation Case Study “virtual supply chain” showing code going through multiple scanners and maintaining SPDX integrity @ 09:00 UTC

 

REMINDER: Today is the Automation Case Study “virtual supply chain” showing code going through multiple scanners and maintaining SPDX integrity @ 09:00 UTC.

We will hold it on Zoom:
https://zoom.us/j/4377592799

Everyone is welcome. No registration needed.

Need more timezone information?

The event will take place on November 24th at 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST. The event is in our global calendar:
https://www.openchainproject.org/community

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

81 - 100 of 4400