Date   

Please Participate in the TODO Group 2021 State of OSPO Survey

 

Hey everyone, it’s time to do the OSPO Survey. Links below.




Please Participate in the TODO Group 2021 State of OSPO Survey
OSPOSurvey_Banner

Greetings Shane,

 

The TODO Group, together with Linux Foundation Research and The New Stack, is conducting a survey as part of a research project on the prevalence and outcomes of open source programs among different organizations across the globe. 

 

Open source program offices (OSPOs) help set open source strategies and improve an organization's software development practices. Since 2018, the TODO Group has conducted surveys to assess the state of open source programs across the industry. Today, we are pleased to announce the launch of the 2021 edition featuring additional questions to add value to the community.

 

The survey will generate insights into the following areas, including:

  • The extent of adoption of open source programs and initiatives 
  • Concerns around the hiring of open source developers 
  • Perceived benefits and challenges of open source programs
  • The impact of open source on organizational strategy

Please participate now; we intend to close the survey in early July. Privacy and confidentiality are important to us. Neither participant names, nor their company names, will be published in the final results.

 

To take the 2021 OSPO Survey, click the button below:

 
 

This email was sent by: The TODO Group and Linux Foundation Research


OpenChain Third Monday Webinar - 2021-06-21 - 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST

 

Our webinar today will feature two excellent talks.

Till Jaeger, JBB Rechtsanwälte on:
How to bring an ancient development project into compliance- best practices

Nicole Pappler, AlektoMetis on:
OpenChain ISO 5230 and Software Quality Management

All welcome. No registration.
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09

Want to confirm your timezone?
2021-06-21 - 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST


OpenChain Q2 Mini-Summit – 2021-06-14 – Full Recording

 


OpenChain Partner Mini-Summit – 2020-06-14 – Full Recording

 


Re: What is an SBOM?

 

Awesome post! Thank you so much for sharing!

On Jun 16, 2021, at 18:01, Jari Koivisto <jari.p.koivisto@iki.fi> wrote:

Thanks Shane,

Nice post and here is my LinkedIn post about it: https://www.linkedin.com/posts/jarikoivisto_what-is-an-sbom-linux-foundation-activity-6810848879144128512-IuOu

BR,

Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@iki.fi
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Wed, 16 Jun 2021 at 05:25, Shane Coughlan <scoughlan@linuxfoundation.org> wrote:
What is an SBOM?
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan



Re: What is an SBOM?

Jari Koivisto
 

Thanks Shane,


BR,

   Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Wed, 16 Jun 2021 at 05:25, Shane Coughlan <scoughlan@...> wrote:
What is an SBOM? 
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:


Re: What is an SBOM?

 

Thank you Gilles!

On Jun 16, 2021, at 15:55, Gilles Gravier via lists.openchainproject.org <gilles.gravier=wipro.com@lists.openchainproject.org> wrote:

Thanks Shane!

Nice writing! And very good read! A perfect intro.

Best regards,
<Outlook-3zywgk4k.gif>
Gilles Gravier
Director, Senior Strategy Advisor - Global Open Source Practice
Wipro Limited
M: +41 79 472 8437
in/gillesgravier @gravax

From: main@lists.openchainproject.org <main@lists.openchainproject.org> on behalf of Shane Coughlan via lists.openchainproject.org<scoughlan=linuxfoundation.org@lists.openchainproject.org>
Sent: Wednesday 16 June 2021 05:25
To: OpenChain Main <main@lists.openchainproject.org>
Subject: [openchain] What is an SBOM?

CAUTION:This email is received from an external domain. Open the hyperlink(s) & attachment(s) with caution.
.

What is an SBOM?
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan
'The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com'


Re: What is an SBOM?

Gilles Gravier
 

Thanks Shane!

Nice writing! And very good read! A perfect intro.

Best regards,

Gilles Gravier
Director, Senior Strategy Advisor - Global Open Source Practice
Wipro Limited
M: +41 79 472 8437
in/gillesgravier  @gravax


From: main@... <main@...> on behalf of Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...>
Sent: Wednesday 16 June 2021 05:25
To: OpenChain Main <main@...>
Subject: [openchain] What is an SBOM?
 

CAUTION:This email is received from an external domain. Open the hyperlink(s) & attachment(s) with caution.
.
 

What is an SBOM? 
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan
'The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com'


What is an SBOM?

 

What is an SBOM? 
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Education editing at the mini-summit

Kurzmann Marcel (IOC/PDL3) <Marcel.Kurzmann@...>
 

Hi Mark,
Sorry, maybe I missed this in the yesterdays meeting:
Is there already a workspace (Github, Google, ...) with the material that was shown and discussed yesterday for the "security usage reference document" that can be accessed?

Mit freundlichen Grüßen / Best regards

Marcel Kurzmann

Project Delivery Immenstaad (IOC/PDL3)
Bosch.IO GmbH | Ziegelei 7 | 88090 Immenstaad | GERMANY | www.bosch.io
Tel. +49 7545 202-279 | Mobil +49 172 1499942 | Telefax +49 7545 202-301 | Marcel.Kurzmann@bosch.io

Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber, Dr. Aleksandar Mitrovic, Yvonne Reckling


-----Ursprüngliche Nachricht-----
Von: main@lists.openchainproject.org <main@lists.openchainproject.org> Im Auftrag von Shane Coughlan via lists.openchainproject.org
Gesendet: Dienstag, 15. Juni 2021 01:13
An: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>; OpenChain Project Operations <operations@openchainproject.org>
Betreff: Re: [openchain] Education editing at the mini-summit

Dave, Mark, everyone

Please accept my apologies for our unexpected and unwanted disruption via Zoom. A passcode-using and authenticated account adding white noise to the event as it entered the third hour was obviously not a desired outcome. I will be working with LF Technical to discuss strategies for ensuring we still have open access but have a more effective method for removing troublemakers.

Mark, thanks for hosting the second section of the security discussion on your Zoom! Super kudos. And, naturally, thanks to Jenni for helping to transition everyone over.

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmeetings.hubspot.com%2Fscoughlan&;data=04%7C01%7CMarcel.Kurzmann%40bosch.io%7C8b340e7ee5be47686ac308d92f89f6bf%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637593091861541976%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=SwlBOKZrhDC83IT7G2Jtx%2BEDvbt19Cqkm9YoFvZIf5o%3D&amp;reserved=0

On Jun 15, 2021, at 1:20, Dave Marr <dmarr@qti.qualcomm.com> wrote:

Mark was able to disable the passcode, and if the summit gets Zoom bombed again he will be able to remove them.

Dave

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Sami Atabani
Sent: Monday, June 14, 2021 9:17 AM
To: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: Re: [openchain] Education editing at the mini-summit

-------------------------------------------------------------------------
CAUTION: This email originated from outside of the organization.
-------------------------------------------------------------------------

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY%2Fedit%23&;data=04%7C01%7CMarcel.Kurzmann%40bosch.io%7C8b340e7ee5be47686ac308d92f89f6bf%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637593091861541976%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=KHiuWCFLDQl%2BWMkMp91QePgplBCzG2pO0JKETqcNDvg%3D&amp;reserved=0




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.











Re: Education editing at the mini-summit

 

Dave, Mark, everyone

Please accept my apologies for our unexpected and unwanted disruption via Zoom. A passcode-using and authenticated account adding white noise to the event as it entered the third hour was obviously not a desired outcome. I will be working with LF Technical to discuss strategies for ensuring we still have open access but have a more effective method for removing troublemakers.

Mark, thanks for hosting the second section of the security discussion on your Zoom! Super kudos. And, naturally, thanks to Jenni for helping to transition everyone over.

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

On Jun 15, 2021, at 1:20, Dave Marr <dmarr@qti.qualcomm.com> wrote:

Mark was able to disable the passcode, and if the summit gets Zoom bombed again he will be able to remove them.

Dave

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Sami Atabani
Sent: Monday, June 14, 2021 9:17 AM
To: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: Re: [openchain] Education editing at the mini-summit

-------------------------------------------------------------------------
CAUTION: This email originated from outside of the organization.
-------------------------------------------------------------------------

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.











Re: Education editing at the mini-summit

Dave Marr
 

Mark was able to disable the passcode, and if the summit gets Zoom bombed again he will be able to remove them.

Dave

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Sami Atabani
Sent: Monday, June 14, 2021 9:17 AM
To: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: Re: [openchain] Education editing at the mini-summit

-------------------------------------------------------------------------
CAUTION: This email originated from outside of the organization.
-------------------------------------------------------------------------

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: Education editing at the mini-summit

Sami Atabani
 

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: [education] REMINDER: OpenChain Q2 Mini-Summit 2021-06-14 at 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST

Jari Koivisto
 

Try this URL: https://windriver.zoom.us/j/92761776704?pwd=YU5mUTVXWHV5NnRIZEhyTGk2RXA4QT09


---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Mon, 14 Jun 2021 at 13:06, Shane Coughlan <scoughlan@...> wrote:
This three-hour event will have two live collaboration sessions.

We will open with one hour for the OpenChain education work team. The focus will be on final review of the online course and a discussion of what education work we should do next. This will be lead by Balakrisha, chair of the education work team.

We will continue with a two hour live-editing session for the OpenChain ISO 5230 security usage reference document. The goal will be to have an output that can be immediately used by our community regarding application of OpenChain ISO 5230 in security contexts. This discussion will be lead by Mark, chair of the specification work team.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09





REMINDER: OpenChain Q2 Mini-Summit 2021-06-14 at 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST

 

This three-hour event will have two live collaboration sessions.

We will open with one hour for the OpenChain education work team. The focus will be on final review of the online course and a discussion of what education work we should do next. This will be lead by Balakrisha, chair of the education work team.

We will continue with a two hour live-editing session for the OpenChain ISO 5230 security usage reference document. The goal will be to have an output that can be immediately used by our community regarding application of OpenChain ISO 5230 in security contexts. This discussion will be lead by Mark, chair of the specification work team.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09


Education editing at the mini-summit

 

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#


REMINDER: OpenChain Partner Mini-Summit in 30 minutes (0700 UTC)

 

The OpenChain PARTNER Mini-Summit will be held on the 14th of June at 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST.
The two-hour Mini-Summit will start with a discussion about the customer journey, followed by presentations from partners, and end with an open discussion about setting client expectations.
Andrew Katz of Orcro will facilitate the customer journey discussion.
Our partner presentations will be:
  • Gilles Gravier and Reza Alvavi from WIPRO
  • Nicole Pappler from AlektoMetis
  • Martin Callinan from Source Code Control
We will end with the roundtable on client expectations moderated by Shane Coughlan of the OpenChain Project.


May be of interest: Synopsys Open Source Security and Risk Analysis (OSSRA) report

 

"Now in its sixth year, the 2021 Open Source Security and Risk Analysis (OSSRA) report exposes vulnerabilities and license conflicts found in more than 1,500 codebases across 17 industries. The report includes recommendations to help developers and consumers understand the software ecosystem they are a part of, as well as the risks accompanying open source development and use.”
https://www.synopsys.com/software-integrity/resources/analyst-reports/open-source-security-risk-analysis.html


OpenChain Partner Summit Today @ 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST

 

Quarterly OpenChain Partner Summit Today (Monday) @ 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST. Two hours of talks, panels and roundtables covering key items in the OpenChain ISO 5230 vendor ecosystem. No registration or fee to attend.
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


OpenChain Partner Mini-Summit - 2020 -06-14 @ 0700 UTC

Jennifer McGinnis <jmcginnis@...>
 

The OpenChain PARTNER Mini-Summit will be held on the 14th of June at 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST.

The two-hour Mini-Summit will start with a discussion about the customer journey, followed by presentations from partners, and end with an open discussion about setting client expectations.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:


221 - 240 of 4248