Date   

Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Hiro Fukuchi
 

Thank you so much, Astrid and Stefanie!
I am very excited to see the Germany community power to create the German version of FAQ.
I hope other language versions come.

---
Hiro Fukuchi (Hiroyuki.Fukuchi@...)
Sony

-----Original Message-----
From: main@... <main@...> On
Behalf Of Astrid Spura
Sent: Wednesday, June 15, 2022 9:20 PM
To: main@...; germany-wg@...
Subject: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about
OSS Licensing (English and Japanese

Dear all,

Please find enclosed the German translation of the FAQ: "Common
Misunderstandings about OSS Licensing" that has been anncounced some time
ago. Thanks a lot to Stefanie Pors for reviewing and commenting. As Shane put it,
please share it far and wide...

Thanks,
Astrid
OSADL eG


Am 27.01.22 um 03:15 schrieb Shane Coughlan:
This is incredible! Thank you all and I am really looking forward to next steps
here. Naturally we will want to share the results far and wide.

On Jan 26, 2022, at 21:31, Astrid Spura <office@...> wrote:

Thank you very much for offering help! Reviewing translation would be great. I
will get in touch in time.

Best regards,
Astrid






Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Astrid Spura <office@...>
 

Dear all,

Please find enclosed the German translation of the FAQ: "Common Misunderstandings about OSS Licensing" that has been anncounced some time ago. Thanks a lot to Stefanie Pors for reviewing and commenting. As Shane put it, please share it far and wide...

Thanks,
Astrid
OSADL eG


Am 27.01.22 um 03:15 schrieb Shane Coughlan:

This is incredible! Thank you all and I am really looking forward to next steps here. Naturally we will want to share the results far and wide.

On Jan 26, 2022, at 21:31, Astrid Spura <office@...> wrote:

Thank you very much for offering help! Reviewing translation would be great. I will get in touch in time.

Best regards,
Astrid


Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese)

Carsten Emde
 

Dear all,

Please find enclosed the German translation of the FAQ: "Common Misunderstandings about OSS Licensing" that has been announced some time ago. Thanks a lot to Stefanie Pors for reviewing and commenting.

The translation was done primarily by Astrid Spura, with some assistance from the OSADL team.

As Shane put it, please share it far and wide...

Best regards,
Carsten Emde on behalf of the OSADL team

On 1/27/22 03:15, Shane Coughlan wrote:
This is incredible! Thank you all and I am really looking forward to next steps here. Naturally we will want to share the results far and wide.

On Jan 26, 2022, at 21:31, Astrid Spura <office@...> wrote:

Thank you very much for offering help! Reviewing translation would be great. I will get in touch in time.

Best regards,
Astrid


OpenChain India Work Group Meeting 2022-05-31 - Full Recording

 

Bit of a catch-up. You can check out the full recording of our recent India Work Group meeting right here:
https://www.openchainproject.org/news/2022/06/07/india-wg-2022-05-31


OSPO News - TODO seeking for collaborators

Ana Jimenez Santamaria
 

Hi everyone!

This is Ana from TODO Group 🙂

At TODO, we are introducing a new framework for in-person OSPO workshops piloting in Europe first so people can talk openly about their organization's open source challenges and work together on shared solutions. The workshop initiative aims to bring together the various communities involved in OSPO-specific topics (like OpenChain) to help organizations effectively implement OSPO Programs based on specific region needs.

Topics range from safely using open source to license compliance, sustainability, contributing back to the community, and more. We would love to see TODO and OpenChain collaborating together in these in-person workshops to help more organizations in their OSPO journey 🙂

Also, I'd like to mention that today we just launched the new OSPO Mind Map 2.0 version, where we have listed new OSPO responsibilities and sub-categories ➡️ https://todogroup.org/blog/ospo-mind-map-2-release/

At this moment, Thomas Steenbergen and I are looking for organizations to act as the hosting party to make available a meeting room for upcoming in-person workshops. If anyone would be interested, please let us know!


Happy to answer any questions and/or schedule a talk to discuss more the OSPOlogy in-person workshops & OSPO Mind Map!

Best
Ana

--
Ana Jiménez Santamaría

Senior Project Manager at TODO Group (#OSPO)

💬 Languages: English, Español, 日本語
🙋 Pronouns: she/her
🕐 Timezone: CET / CEST

Download the latest study on the Evolution of The Open Source Program Office. Includes an OSPO maturity model, practical implementation from noted OSPO programs across regions and sectors, and a set of archetypes.





Re: Webinar #43 – Inner Source and the OSPO – 2022-06-14 @ 06:00 UTC

 

Reminder, we kick off in ten minutes. If you are interested in inner-source, this is the presentation to watch.

On Jun 13, 2022, at 17:11, Shane Coughlan <scoughlan@...> wrote:
Dirk Riehle will deliver our 43rd webinar as we explore Inner Source and the OSPO. He will introduce inner source, its significance for the open source program office, and how to quantify and solve the problem of intellectual property value flows inside companies.
Join us at 06:00 UTC on the 14th of June right here:
https://zoom.us/j/4377592799


Webinar #43 – Inner Source and the OSPO – 2022-06-14 @ 06:00 UTC

 

Dirk Riehle will deliver our 43rd webinar as we explore Inner Source and the OSPO. He will introduce inner source, its significance for the open source program office, and how to quantify and solve the problem of intellectual property value flows inside companies.
Join us at 06:00 UTC on the 14th of June right here:
https://zoom.us/j/4377592799
Check your timezone:
PDT United States Pacific UTC-07:00
UTC Coordinated Universal Time UTC
CET Central European Time UTC+01:00
IST India Standard Time UTC+05:30
CST China Standard Time UTC+08:00
KST Korea Standard Time UTC+09:00
JST Japan Standard Time UTC+09:00
Join via one tap mobile:
+86 10 8783 3177,,4377592799# Mainland China
+33 1 8699 5831,,4377592799# France
+49 69 7104 9922,,4377592799# Germany
+81 524 564 439,,4377592799# Japan
+82 2 3143 9612,,4377592799# Korea
+91 80 71 279 440,,4377592799# India
+886 (2) 7741 7473,,4377592799# Taiwan
+44 330 088 5830,,4377592799# UK
+13017158592,,4377592799# USA
Find your local country number:
https://zoom.us/u/awFnORNiA
Meeting ID: 437 759 2799
Learn More About Our Speaker


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

Steve Kilbane
 

I did! Not least of which because https://automatecompliance.org/ was either new to me, or I'd forgotten about it. 😊

Thanks to all for putting these courses together, and for the LF for hosting them. I've also been trawling through some of the more basic courses with an eye to using them to supplement internal training.

steve

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: 10 June 2022 04:33
To: OpenChain Main <main@...>
Subject: Re: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

[External]

Fantastic! I hope you found them useful.

Shane

On Jun 9, 2022, at 22:31, Steve Kilbane <stephen.kilbane@...> wrote:

And done!

(And LFC193 too, while I was at it.)

From: main@... <main@...> On Behalf Of Dr. Rajiv Iyer
Sent: 07 June 2022 17:40
To: main@...
Subject: Re: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

[External]

Excellent course designed. I too completed it and received certificate.

Regards
Dr. Rajiv Iyer


On Tue, Jun 7, 2022 at 4:19 PM Balakrishna Mukundaraj <balakrishna1838@...> wrote:
Awesome Jonas, please do share your experience and review of the course. 😊

Thanks,
Balakrishna

On Tue, 7 Jun 2022 at 16:13, Shane Coughlan <scoughlan@...> wrote:
Bravo!

Jonas is officially the first to complete 🙂👍

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://urldefense.com/v3/__https://meetings.hubspot.com/scoughlan__;!!A3Ni8CS0y2Y!4zSDnGkO3_8eNTm69AZ6SzarJpFYHeZUT_HdKvKhWuxEh95LIUb6vqZ0BHfgjmUvAeeaxxcRo-B59LmKuU58Rl8rhehWwps$


On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org<jonas.oberg=scania.com@...> wrote:


Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546 Mobile: +46 700 812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...



https://urldefense.com/v3/__http://www.scania.com__;!!A3Ni8CS0y2Y!4zSDnGkO3_8eNTm69AZ6SzarJpFYHeZUT_HdKvKhWuxEh95LIUb6vqZ0BHfgjmUvAeeaxxcRo-B59LmKuU58Rl8r9_xzv_Y$ | https://urldefense.com/v3/__http://www.facebook.com/scaniagroup__;!!A3Ni8CS0y2Y!4zSDnGkO3_8eNTm69AZ6SzarJpFYHeZUT_HdKvKhWuxEh95LIUb6vqZ0BHfgjmUvAeeaxxcRo-B59LmKuU58Rl8rp_37sOY$



<image001.png>

From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://urldefense.com/v3/__https://www.openchainproject.org/featured/2022/06/07/lfc-194-available__;!!A3Ni8CS0y2Y!4zSDnGkO3_8eNTm69AZ6SzarJpFYHeZUT_HdKvKhWuxEh95LIUb6vqZ0BHfgjmUvAeeaxxcRo-B59LmKuU58Rl8re3QV__w$




--
Thanks & Regards,
Balakrishna


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

 

Fantastic! I hope you found them useful.

Shane

On Jun 9, 2022, at 22:31, Steve Kilbane <stephen.kilbane@...> wrote:

And done!

(And LFC193 too, while I was at it.)

From: main@... <main@...> On Behalf Of Dr. Rajiv Iyer
Sent: 07 June 2022 17:40
To: main@...
Subject: Re: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

[External]

Excellent course designed. I too completed it and received certificate.

Regards
Dr. Rajiv Iyer


On Tue, Jun 7, 2022 at 4:19 PM Balakrishna Mukundaraj <balakrishna1838@...> wrote:
Awesome Jonas, please do share your experience and review of the course. 😊

Thanks,
Balakrishna

On Tue, 7 Jun 2022 at 16:13, Shane Coughlan <scoughlan@...> wrote:
Bravo!

Jonas is officially the first to complete 🙂👍

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org<jonas.oberg=scania.com@...> wrote:


Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546 Mobile: +46 700 812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...



www.scania.com | www.facebook.com/scaniagroup



<image001.png>

From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available




--
Thanks & Regards,
Balakrishna


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

Steve Kilbane
 

And done!

 

(And LFC193 too, while I was at it.)

 

From: main@... <main@...> On Behalf Of Dr. Rajiv Iyer
Sent: 07 June 2022 17:40
To: main@...
Subject: Re: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

 

[External]

 

Excellent course designed. I too completed it and received certificate.

 

Regards

Dr. Rajiv Iyer

 

 

On Tue, Jun 7, 2022 at 4:19 PM Balakrishna Mukundaraj <balakrishna1838@...> wrote:

Awesome Jonas, please do share your experience and review of the course. 😊

 

Thanks,

Balakrishna 

 

On Tue, 7 Jun 2022 at 16:13, Shane Coughlan <scoughlan@...> wrote:

Bravo!

 

Jonas is officially the first to complete 🙂👍

Shane Coughlan

OpenChain General Manager

+818040358083

Book a meeting:



On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org <jonas.oberg=scania.com@...> wrote:



Thank you Shane -- good work on bringing this forward.

I have diligently attended and completed the course. 🙂

 

Best regards,

 

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546  Mobile: +46 700  812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...

 

www.scania.com | www.facebook.com/scaniagroup

 


From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

 

The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available



--

Thanks & Regards,
Balakrishna


[oss-based-compliance-tooling] materials updated

 

Heads up. Really important stuff happening in the tooling work group 👍

Join the discussion:
https://groups.io/g/oss-based-compliance-tooling

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

Begin forwarded message:

From: Jan Thielscher <jan.thielscher@...>
Date: June 8, 2022 17:24:34 JST
To: oss-based-compliance-tooling@groups.io
Subject: [oss-based-compliance-tooling] materials updated
Reply-To: oss-based-compliance-tooling@groups.io

Dear all,



thank you again for all your valuable inputs. Today we again covered three important and complex topics. Please find the latest results (v1.5.2) in the repository at https://github.com/Open-Source-Compliance/Sharing-creates-value/tree/master/Tooling-Landscape/CapabilityMap



But since we still have a few capabilities left (7), I would want to ask you, whether it would be Ok for you, to change our schedule to weekly, for the coming weeks. If we maintain our today’s  performance, we the would be able to finalize the map before the summer break.



Please give me an indication, whether it will be possible for you to arrange that. Thank you &



Mit freundlichem Gruß / best regards

Jan Thielscher



T: +49 69 153 227 750

F: +49 69 153 227 751

W: https://www.eacg.de

W: https://www.trustsource.io

FOLLOW US @ https://www.eacg.de/linkedin



----

Enterprise Architecture Consulting Group

Taunustor 1 (TaunusTurm), 60310 Frankfurt am Main

EACG GmbH

Handelsregister Frankfurt am Main HRB 84852

Geschäftsführer: Jan Thielscher

EACG Operations Services GmbH

Handelsregister Frankfurt am Main HRB 101441

Geschäftsführer: Jan Thielscher








<smime.p7s>


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

Balakrishna Mukundaraj
 

Awesome, thank you for your feedback Rajiv😊

Regards,
Balakrishna

On Tue, 7 Jun 2022 at 22:10, Dr. Rajiv Iyer <rajivkjs@...> wrote:
Excellent course designed. I too completed it and received certificate.

Regards
Dr. Rajiv Iyer


On Tue, Jun 7, 2022 at 4:19 PM Balakrishna Mukundaraj <balakrishna1838@...> wrote:
Awesome Jonas, please do share your experience and review of the course. 😊

Thanks,
Balakrishna 

On Tue, 7 Jun 2022 at 16:13, Shane Coughlan <scoughlan@...> wrote:
Bravo!

Jonas is officially the first to complete 🙂👍

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:

On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org <jonas.oberg=scania.com@...> wrote:


Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546  Mobile: +46 700  812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...

 

www.scania.com | www.facebook.com/scaniagroup


Outlook-zr0nyvpe.png


From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available
 
The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available




--
Thanks & Regards,
Balakrishna

--
Thanks & Regards,
Balakrishna


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

Dr. Rajiv Iyer
 

Excellent course designed. I too completed it and received certificate.

Regards
Dr. Rajiv Iyer


On Tue, Jun 7, 2022 at 4:19 PM Balakrishna Mukundaraj <balakrishna1838@...> wrote:
Awesome Jonas, please do share your experience and review of the course. 😊

Thanks,
Balakrishna 

On Tue, 7 Jun 2022 at 16:13, Shane Coughlan <scoughlan@...> wrote:
Bravo!

Jonas is officially the first to complete 🙂👍

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:

On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org <jonas.oberg=scania.com@...> wrote:


Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546  Mobile: +46 700  812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...

 

www.scania.com | www.facebook.com/scaniagroup


Outlook-zr0nyvpe.png


From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available
 
The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available




--
Thanks & Regards,
Balakrishna


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

Balakrishna Mukundaraj
 

Awesome Jonas, please do share your experience and review of the course. 😊

Thanks,
Balakrishna 

On Tue, 7 Jun 2022 at 16:13, Shane Coughlan <scoughlan@...> wrote:
Bravo!

Jonas is officially the first to complete 🙂👍

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:

On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org <jonas.oberg=scania.com@...> wrote:


Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546  Mobile: +46 700  812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...

 

www.scania.com | www.facebook.com/scaniagroup


Outlook-zr0nyvpe.png


From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available
 
The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available




--
Thanks & Regards,
Balakrishna


Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

 

Bravo!

Jonas is officially the first to complete 🙂👍

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

On Jun 7, 2022, at 19:31, Öberg Jonas via lists.openchainproject.org <jonas.oberg=scania.com@...> wrote:


Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546  Mobile: +46 700  812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...

 

www.scania.com | www.facebook.com/scaniagroup


Outlook-zr0nyvpe.png


From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available
 
The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available





Re: Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

Öberg Jonas
 

Thank you Shane -- good work on bringing this forward.
I have diligently attended and completed the course. 🙂

Best regards,

Jonas Öberg

IT Business Architect & Head of Scania Open Source Program | Infrastructure Delivery, IUA | Scania

Phone: +46 8 553 80546  Mobile: +46 700  812 623

Address, Nyköpings v 41-49, Södertälje, Sweden

jonas.oberg@...

 

www.scania.com | www.facebook.com/scaniagroup




From: main@... <main@...> on behalf of Shane Coughlan <scoughlan@...>
Sent: Tuesday, June 7, 2022 11:25
To: OpenChain Main <main@...>
Cc: OpenChain Education <education@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain Telco Work Group <telco@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available
 
The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available





Implementing Open Source License Compliance Management (LFC194) – Training Course Now Available

 

The OpenChain Project is committed to helping companies around the world experience a trusted supply chain. As part of this, our community develops and releases a ton of reference material to provide context, examples and training.

In our latest training course you can learn how open source compliance management systems should be structured and implemented to be most effective. Take the course for free over at LF Training and get a badge to mark your completion.

Take the course:
https://www.openchainproject.org/featured/2022/06/07/lfc-194-available


Re: Tracking third-party deployment

Shurjeel Tousif
 

Hi Steve,

 

We have a preconfigured scanner that handles commercial IP but its not opensource (atleast not yet 😊)..

A database created for commercial IP with information (especially info/metadata on commercial binaries) is quite challenging to store – and each vendors has different commercial ts&cs associated which adds to the challenge.

We started the use of macros in Excel to manage this info by connecting the spreadsheet to various sources (software/db) available within each company and then running additional analysis on that list.

Perhaps we can connect in a call to discuss this if this seems more important at this stage than OSS scan tooling.

 

Regards,

Shurjeel

 

Shurjeel Tousif

SeQuenX BV
De Hooghkamer | Mozartlaan 9, 2215 LS, Voorhout, NL
T +31 63 073 4464  | E shurjeel.tousif@... | M +31 63 073 4464| W www.sequenx.com

 

From: main@... <main@...> On Behalf Of Steve Kilbane via lists.openchainproject.org
Sent: Friday, June 3, 2022 3:25 PM
To: main@...
Subject: Re: [openchain] Tracking third-party deployment

 

Hi Ananth,

 

We do use SCA tools already, so for a given IP we can see which products’ SBOMs include that IP, and traditional compliance would be confirming that the license of that IP is compatible with the licenses of all other components in the product. But there are other questions we’d like to answer, too, when we see commercial IP turning up in a product’s scan for the first time:

  • When does our license to use this IP expire? Has it expired already?
  • Is the developer (or dev team) building this product one of those to whom the IP is licensed?
  • Is the product being built for the platform for which the IP is licensed? E.g. Windows vs Linux vs iOS vs Android.
  • Who in our org is the contact point with the vendor, for this IP?
  • For an IP which is dual-licensed,  is this a use under the open source license or the commercial license?

At the moment, answering these questions (and others) is a somewhat painful process, often involving some poor unfortunate going back to the particular commercial agreement and reading through it again to find the necessary details. Life would be considerably simpler if we could look those details up in a database. And, if it were standard desktop software we were using, that would be possible (swidtags, etc., so my colleagues in our corporate IT dept assure me).

 

Conceivably, we could take something like SW360 and nail a couple dozen custom fields to it, or build a localized database ourselves and use a SW360 external ID reference, but if there are already products – commercial or open source – that anyone can recommend that already handle this, I’d love to know about them.

 

steve

 

From: main@... <main@...> On Behalf Of Anant Vishnu via lists.openchainproject.org
Sent: 03 June 2022 14:01
To: main@...
Subject: Re: [openchain] Tracking third-party deployment

 

[External]

 

Hi Steve,

 

Might sound off, but one idea would be to run an SCA tool which is also tuned to capture and segregate license text/copyright notices embedded in the delivered product (more of a syntactic approach – not limited to open source).

 

I believe Github already has couple of offerings that may assist such as https://github.com/nexB/scancode-toolkit (by nexB) etc.

Might help to set up a scan system for every outbound asset flow so that some form of flag is raised at the onset itself

 

Regards

Ananth

 

 

 

From: main@... <main@...> On Behalf Of Steve Kilbane
Sent: Friday, June 3, 2022 3:55 PM
To: main@...
Subject: [openchain] Tracking third-party deployment

 

[**EXTERNAL EMAIL**]

Hi all,

 

Apologies if this question is off-topic. I figure it’s OpenChainy, in that it relates to tying outbound software back to inbound software.

 

As part of our compliance and SBOM processes, we’re identifying not just our own  code and open source in a delivered product, but also third-party commercial IP. Such commercial IP typically has a bunch of attributes that don’t apply to open source (license expiry dates, specific licensed users, etc.). There are standard commercial offerings that provide “Software Asset Management” for the stuff you *use* - your MS Words, your internal Oracle dbs, etc. These offerings aren’t really suited for something you *ship* as part of your delivered product – especially, as in our case, where the majority of the products are embedded offerings running in minimal footprint, where something like floating license key usage isn’t part of the product.

 

I was wondering whether anyone has recommendations for tools or systems that are suitable for tracking the usage and distribution of commercial IP?

 

Thanks,

 

steve

 


Remember: we can connect at any time

 

Hi everyone!

Just a reminder that you can always connect with me on LinkedIn, and if you have contributed to our community I am happy to provide you with a recommendation:
https://www.linkedin.com/in/shanecoughlan

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Tracking third-party deployment

Steve Kilbane
 

Hi Ananth,

 

We do use SCA tools already, so for a given IP we can see which products’ SBOMs include that IP, and traditional compliance would be confirming that the license of that IP is compatible with the licenses of all other components in the product. But there are other questions we’d like to answer, too, when we see commercial IP turning up in a product’s scan for the first time:

  • When does our license to use this IP expire? Has it expired already?
  • Is the developer (or dev team) building this product one of those to whom the IP is licensed?
  • Is the product being built for the platform for which the IP is licensed? E.g. Windows vs Linux vs iOS vs Android.
  • Who in our org is the contact point with the vendor, for this IP?
  • For an IP which is dual-licensed,  is this a use under the open source license or the commercial license?

At the moment, answering these questions (and others) is a somewhat painful process, often involving some poor unfortunate going back to the particular commercial agreement and reading through it again to find the necessary details. Life would be considerably simpler if we could look those details up in a database. And, if it were standard desktop software we were using, that would be possible (swidtags, etc., so my colleagues in our corporate IT dept assure me).

 

Conceivably, we could take something like SW360 and nail a couple dozen custom fields to it, or build a localized database ourselves and use a SW360 external ID reference, but if there are already products – commercial or open source – that anyone can recommend that already handle this, I’d love to know about them.

 

steve

 

From: main@... <main@...> On Behalf Of Anant Vishnu via lists.openchainproject.org
Sent: 03 June 2022 14:01
To: main@...
Subject: Re: [openchain] Tracking third-party deployment

 

[External]

 

Hi Steve,

 

Might sound off, but one idea would be to run an SCA tool which is also tuned to capture and segregate license text/copyright notices embedded in the delivered product (more of a syntactic approach – not limited to open source).

 

I believe Github already has couple of offerings that may assist such as https://github.com/nexB/scancode-toolkit (by nexB) etc.

Might help to set up a scan system for every outbound asset flow so that some form of flag is raised at the onset itself

 

Regards

Ananth

 

 

 

From: main@... <main@...> On Behalf Of Steve Kilbane
Sent: Friday, June 3, 2022 3:55 PM
To: main@...
Subject: [openchain] Tracking third-party deployment

 

[**EXTERNAL EMAIL**]

Hi all,

 

Apologies if this question is off-topic. I figure it’s OpenChainy, in that it relates to tying outbound software back to inbound software.

 

As part of our compliance and SBOM processes, we’re identifying not just our own  code and open source in a delivered product, but also third-party commercial IP. Such commercial IP typically has a bunch of attributes that don’t apply to open source (license expiry dates, specific licensed users, etc.). There are standard commercial offerings that provide “Software Asset Management” for the stuff you *use* - your MS Words, your internal Oracle dbs, etc. These offerings aren’t really suited for something you *ship* as part of your delivered product – especially, as in our case, where the majority of the products are embedded offerings running in minimal footprint, where something like floating license key usage isn’t part of the product.

 

I was wondering whether anyone has recommendations for tools or systems that are suitable for tracking the usage and distribution of commercial IP?

 

Thanks,

 

steve

 

381 - 400 of 5042