Date   

REMINDER: OpenChain M&A Summit 2022 – April 28th @ 14:00 UTC

 

The OpenChain M&A Summit 2022 brings together key law firms and service providers helping clients with M&A. You will come away from this event with a clearer understanding of global trends around open source mergers and acquisitions. Free and open to everyone.

Timing

This event takes places at 14:00 UTC on April 28th and runs for around three hours. That translates to:
• 07:00 PDT
• 12:00 EDT
• 16:00 CEST
• 19:30 IST
• 22:00 CST
• 23:00 KST
• 23:00 JST

Agenda

An Overview of A Typical M&A With OpenChain
Leon Schwartz, GTC Law

M&A From The Perspective Of Security
Jan Thielscher, EACG

Checking Compliance With FOSSmatrix
Hendrik Schottle, Osborne Clark

Sustainability Of Open Source Licenses
Dr. Andreas Kotulla, Bitsea

Specific M&A Transaction Case Study
Marcel Scholze, PwC

Panel with all presenters

RSVP (Required for Entry)


REMINDER: External Webinar: SAP – Open Source License Compliance with OpenChain - 26th April

 

From SAP:

Join us on April 26th at 3:00 pm CEST/1:00 pm UTC/9:00 am EDT/10:00 pm JST for a webinar with Shane Coughlan, OpenChain General Manager at the Linux Foundation, and Peter Giese, Head of the SAP Open Source Program Office, about key requirements of a quality open source compliance program. With his extensive knowledge of open source governance and process development Shane will explain what is important for a healthy open source environment in organizations, while Peter will talk about SAP’s experience getting ready for the OpenChain certification to help to establish trust and reliability among all the participants in software supply chains at SAP.

Register via this link:
https://webinars.sap.com/opensourcelicensecompliance26042022/en/registration.aspx

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Global work team call at 14:00 UTC today

 

A reminder that our regular bi-weekly call takes place at 14:00 UTC today. Today’s call will be a relatively short overview of current developments and a space to raise other items of interest.


image0.jpeg

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: A question about license translations in Chinese, Korean and German

Lucien C.H. Lin - 林誠夏
 

Dear Shane & Ueda San,

This email thread has just been bumped into my eyes this afternoon, please bear with me for the late response.

Firstly, I shall not and can not answer the Simplified Chinese language situation for this question, I think many friends in the list might be able to do that much better than me. However, if you want to know how the Traditional Chinese language translation has been doing on this, I might be able to share some information in Taiwan as best as I can.

In principle, some people like me in the Traditional Chinese FOSS legal community might have contributed to some translation for the index licenses, such as GPL-3.0 and LGPL-3.0, listed here on my blog or on the wikipedia page.

http://lucien.cc/20071129-gpl3不負責任正體中文化草稿/
http://lucien.cc/20070823-lgpl3不負責任正體中文化初版/

However there isn't any complete FOSS license translation project in Traditional Chinese that has been carried out here, ever. I personally envy and admire the achievement you have there in Japanese and Korean language.

But we did prepare a summary introduction for most-used OSI-approved licenses when the "Open Source Software Foundry(OSSF)" project was performed. You can get access to the backup page for this license summary column in Traditional Chinese here: https://ossf.denny.one/tw/licenses.html

Warm Regards,

Lucien C.H. Lin, Legal Adviser at Open Culture Foundation

Satoru Ueda <satoru.ueda@...> 於 2022年4月21日 週四 下午4:40寫道:

Thanks Shane.


S. Ueda
===
| Satoru Ueda / TEL: +81-(0)70-2498-3190 or +81-(0)90-3815-9169
| Open Source Promotion Sec. Technology Alliance Dept.
| Corporate Technology Strategy Div. Sony Corporation

-----Original Message-----
From: Shane Coughlan <scoughlan@...>
Sent: Thursday, April 21, 2022 4:59 PM
To: Ueda, Satoru (SGC) <Satoru.Ueda@...>
Cc: OpenChain Taiwan <taiwan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Japan <japan-wg@...>; OpenChain Main <main@...>
Subject: Re: [openchain] A question about license translations in Chinese, Korean and German

Hi Ueda San, just flagging for you :)

> On Apr 7, 2022, at 15:00, Martin Bührlen via lists.openchainproject.org <martin=buehrlen.com@...> wrote:
>
> There are countless German language websites with information about
> OSS licenses, but I am not aware of any 'official' website.
>
> There is a private initiative (translated: )"Institute for Legal
> Issues of the Free and Open Source Software (ifrOSS)"
> https://urldefense.com/v3/__https://ifross.org/__;!!JmoZiZGBv3RvKRSx!r
> 0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKkwYd56Q$
> [ifross[.]org]  which has a pretty comprehensive list of licenses https://urldefense.com/v3/__https://ifross.github.io/ifrOSS/Lizenzcenter__;!!JmoZiZGBv3RvKRSx!r0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKW27ip48$ [ifross[.]github[.]io] . But this is more directed towards legal experts.
>
> In my opinion, so far the best explanation in layman's terms is
> probably on the German Wikipedia, which has a page for each of the
> mainstream licenses https://urldefense.com/v3/__https://de.wikipedia.org/wiki/Kategorie:FLOSS-Lizenz__;!!JmoZiZGBv3RvKRSx!r0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKUoLe9Kg$ [de[.]wikipedia[.]org].
>
> More education is definitely needed for sw developers. I have heard so
> many times "It's open source, so we can anyhow use it." which (as far
> as they are
> aware) puts 0-BSD and AGPL into the same category.
>
> Best regards
>
> Martin
>
>
> -----Ursprüngliche Nachricht-----
> Von: main@... <main@...>
> Im Auftrag von Shane Coughlan
> Gesendet: Donnerstag, 7. April 2022 02:20
> An: OpenChain Taiwan <taiwan-wg@...>; OpenChain
> Korea <korea-wg@...>; OpenChain Japan
> <japan-wg@...>
> Cc: OpenChain Main <main@...>
> Betreff: [openchain] A question about license translations in Chinese,
> Korean and German
>
> This is a question from the OpenChain Japan Work Group to our dear
> friends who speak Chinese, Korean or German.
>
> In Japan there is a convenient website with reference translations of
> the OSI open source licenses:
> https://urldefense.com/v3/__https://licenses.opensource.jp/__;!!JmoZiZ
> GBv3RvKRSx!r0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKNAA
> XDyE$ [licenses[.]opensource[.]jp]
>
> The purpose of this translation set is to education regional
> engineers. It is expected legal experts will read and use the original English terms.
>
> The question is: do you have similar resources in Chinese, Korean and
> German?
>
>
>
>
>
>
>
>
>
>







OpenChain + SAP webinar - April 26th

 

We have a major webinar coming with SAP. This will be an excellent opportunity to hear from Peter Giese, Head of the SAP Open Source Program Office, about how SAP decided to become and implemented whole entity conformance with OpenChain ISO/IEC 5230. Register for free here:
https://webinars.sap.com/opensourcelicensecompliance26042022/en/registration.aspx

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: A question about license translations in Chinese, Korean and German

Satoru Ueda
 

Thanks Shane.


S. Ueda
===
| Satoru Ueda / TEL: +81-(0)70-2498-3190 or +81-(0)90-3815-9169
| Open Source Promotion Sec. Technology Alliance Dept.
| Corporate Technology Strategy Div. Sony Corporation

-----Original Message-----
From: Shane Coughlan <scoughlan@...>
Sent: Thursday, April 21, 2022 4:59 PM
To: Ueda, Satoru (SGC) <Satoru.Ueda@...>
Cc: OpenChain Taiwan <taiwan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Japan <japan-wg@...>; OpenChain Main <main@...>
Subject: Re: [openchain] A question about license translations in Chinese, Korean and German

Hi Ueda San, just flagging for you :)

On Apr 7, 2022, at 15:00, Martin Bührlen via lists.openchainproject.org <martin=buehrlen.com@...> wrote:

There are countless German language websites with information about
OSS licenses, but I am not aware of any 'official' website.

There is a private initiative (translated: )"Institute for Legal
Issues of the Free and Open Source Software (ifrOSS)"
https://urldefense.com/v3/__https://ifross.org/__;!!JmoZiZGBv3RvKRSx!r
0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKkwYd56Q$
[ifross[.]org] which has a pretty comprehensive list of licenses https://urldefense.com/v3/__https://ifross.github.io/ifrOSS/Lizenzcenter__;!!JmoZiZGBv3RvKRSx!r0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKW27ip48$ [ifross[.]github[.]io] . But this is more directed towards legal experts.

In my opinion, so far the best explanation in layman's terms is
probably on the German Wikipedia, which has a page for each of the
mainstream licenses https://urldefense.com/v3/__https://de.wikipedia.org/wiki/Kategorie:FLOSS-Lizenz__;!!JmoZiZGBv3RvKRSx!r0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKUoLe9Kg$ [de[.]wikipedia[.]org].

More education is definitely needed for sw developers. I have heard so
many times "It's open source, so we can anyhow use it." which (as far
as they are
aware) puts 0-BSD and AGPL into the same category.

Best regards

Martin


-----Ursprüngliche Nachricht-----
Von: main@... <main@...>
Im Auftrag von Shane Coughlan
Gesendet: Donnerstag, 7. April 2022 02:20
An: OpenChain Taiwan <taiwan-wg@...>; OpenChain
Korea <korea-wg@...>; OpenChain Japan
<japan-wg@...>
Cc: OpenChain Main <main@...>
Betreff: [openchain] A question about license translations in Chinese,
Korean and German

This is a question from the OpenChain Japan Work Group to our dear
friends who speak Chinese, Korean or German.

In Japan there is a convenient website with reference translations of
the OSI open source licenses:
https://urldefense.com/v3/__https://licenses.opensource.jp/__;!!JmoZiZ
GBv3RvKRSx!r0iCWr91nvFU4YGRjzwKdIMq-tCJXulkvzyukSc81-OAbWj-bEVw8bQKNAA
XDyE$ [licenses[.]opensource[.]jp]

The purpose of this translation set is to education regional
engineers. It is expected legal experts will read and use the original English terms.

The question is: do you have similar resources in Chinese, Korean and
German?










Re: OpenChain Self Certification

 

Carlo, can your team lend a hand here?

On Apr 21, 2022, at 0:10, Gary O'Neall <gary@...> wrote:

Thanks Jari for creating the spreadsheet. In reviewing the spreadsheet, I realized we need to make a change to the web app before we can fix this in the questionnaire. I documented the change in the issue.

We also need some volunteers to help maintain the questionnaire JSON files. If anyone on the list is comfortable with editing JSON files, I can provide any background information.

Even if you are not comfortable editing JSON, it would be very helpful to have folks to review the JSON files to prevent issues like this from coming up in the future.

Best regards,
Gary

From: main@... <main@...> On Behalf Of Jari Koivisto
Sent: Wednesday, April 20, 2022 3:43 AM
To: OpenChain Main <main@...>
Subject: Re: [openchain] OpenChain Self Certification

Back to this old issue that seems to be still present. I created an Excel file that should have correct reference numbers now. It is uploaded to the GH issue that Gary created.

BR,

Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Fri, Feb 4, 2022 at 9:55 AM Shane Coughlan <scoughlan@...> wrote:
Thanks Gary. I will get the fix underway :)

On Feb 4, 2022, at 13:16, Gary O'Neall <gary@...> wrote:

I added an issue in the questionnaire repo to track this: https://github.com/OpenChain-Project/conformance-questionnaire/issues/70



Gary



From: Gary O'Neall <gary@...>
Sent: Thursday, February 3, 2022 8:07 PM
To: 'main@...' <main@...>
Subject: RE: [openchain] OpenChain Self Certification



Hi Jari,



Thanks for the additional information. I don’t believe anyone is working on this issue.



The PDF is generated from the data in the conformance-questionnaire github repo.



All of the translations would need to be updated with the correct numbers.



If you or anyone on the list is comfortable with creating a pull request with the corrected numbers, I can review and merge which will automatically update the PDF.



Regards,
Gary







From: main@... <main@...> On Behalf Of Jari Koivisto
Sent: Thursday, February 3, 2022 9:36 AM
To: OpenChain Main <main@...>
Subject: Re: [openchain] OpenChain Self Certification



Gary et al





So, in the Conformance in Questions (https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf), there is Spec Ref column and in that column, the references are pointing to OpenChain specification ver. 2.0. For 2.1, which is the current ISO standard, the numbering has changed.



Attached is an Excel sheet that I just put some examples of the 2.0 -> 2.1 numbering changes. As I mentioned at the moment the questionnaire uses 2.0 numbering not 2.1 and IMHO we should use the latest 2.1 specification version, which is the ISO 5230 standard.



BR,



Jari


---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto





On Thu, Feb 3, 2022 at 5:09 PM Gary O'Neall <gary@...> wrote:

Hi Jari,



Can you provide more specifics on where the inconsistency is? I just looked at the PDF in the link below it has the following text in the header:



This document contains a series of questions to determine whether a company has an OpenChain Conformant program. If each of these questions can be answered with a "yes" then that company meets all the requirements of conformance to the OpenChain Specification version 2.1 (functionally identical to ISO/IEC DIS 5230:2020(e)). If any of the questions are answered with a "no" then the company can clearly identify where additional investment is needed to improve the compliance process.



It could be an issue in one of the translations if you are looking at a language other than English.



Thanks,

Gary



From: main@... <main@...> On Behalf Of Jari Koivisto
Sent: Thursday, February 3, 2022 2:33 AM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain Self Certification



Hi All,



I just noticed that the printable version of self-certification document (https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf) has Spec Refs to the OpenChain Spec 2.0 version and not the latest 2.1 (ISO 5230) version.



Is someone working on this already?



BR,



Jari


---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto








Re: A question about license translations in Chinese, Korean and German

 

Hi Ueda San, just flagging for you :)

On Apr 7, 2022, at 15:00, Martin Bührlen via lists.openchainproject.org <martin=buehrlen.com@...> wrote:

There are countless German language websites with information about OSS
licenses, but I am not aware of any 'official' website.

There is a private initiative (translated: )"Institute for Legal Issues of
the Free and Open Source Software (ifrOSS)" https://ifross.org/ which has a
pretty comprehensive list of licenses
https://ifross.github.io/ifrOSS/Lizenzcenter . But this is more directed
towards legal experts.

In my opinion, so far the best explanation in layman's terms is probably on
the German Wikipedia, which has a page for each of the mainstream licenses
https://de.wikipedia.org/wiki/Kategorie:FLOSS-Lizenz.

More education is definitely needed for sw developers. I have heard so many
times "It's open source, so we can anyhow use it." which (as far as they are
aware) puts 0-BSD and AGPL into the same category.

Best regards

Martin


-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im
Auftrag von Shane Coughlan
Gesendet: Donnerstag, 7. April 2022 02:20
An: OpenChain Taiwan <taiwan-wg@...>; OpenChain Korea
<korea-wg@...>; OpenChain Japan
<japan-wg@...>
Cc: OpenChain Main <main@...>
Betreff: [openchain] A question about license translations in Chinese,
Korean and German

This is a question from the OpenChain Japan Work Group to our dear friends
who speak Chinese, Korean or German.

In Japan there is a convenient website with reference translations of the
OSI open source licenses:
https://licenses.opensource.jp/

The purpose of this translation set is to education regional engineers. It
is expected legal experts will read and use the original English terms.

The question is: do you have similar resources in Chinese, Korean and
German?










Re: OpenChain Self Certification

Gary O'Neall
 

Thanks Jari for creating the spreadsheet.  In reviewing the spreadsheet, I realized we need to make a change to the web app before we can fix this in the questionnaire.  I documented the change in the issue.

 

We also need some volunteers to help maintain the questionnaire JSON files.  If anyone on the list is comfortable with editing JSON files, I can provide any background information.

 

Even if you are not comfortable editing JSON, it would be very helpful to have folks to review the JSON files to prevent issues like this from coming up in the future.

 

Best regards,

Gary

 

From: main@... <main@...> On Behalf Of Jari Koivisto
Sent: Wednesday, April 20, 2022 3:43 AM
To: OpenChain Main <main@...>
Subject: Re: [openchain] OpenChain Self Certification

 

Back to this old issue that seems to be still present. I created an Excel file that should have correct reference numbers now. It is uploaded to the GH issue that Gary created. 

 

BR,

 

   Jari


---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto

 

 

On Fri, Feb 4, 2022 at 9:55 AM Shane Coughlan <scoughlan@...> wrote:

Thanks Gary. I will get the fix underway :)

> On Feb 4, 2022, at 13:16, Gary O'Neall <gary@...> wrote:
>
> I added an issue in the questionnaire repo to track this: https://github.com/OpenChain-Project/conformance-questionnaire/issues/70
>

>
> Gary
>

>
> From: Gary O'Neall <gary@...>
> Sent: Thursday, February 3, 2022 8:07 PM
> To: 'main@...' <main@...>
> Subject: RE: [openchain] OpenChain Self Certification
>

>
> Hi Jari,
>

>
> Thanks for the additional information.  I don’t believe anyone is working on this issue.
>

>
> The PDF is generated from the data in the conformance-questionnaire github repo.
>

>
> All of the translations would need to be updated with the correct numbers.
>

>
> If you or anyone on the list is comfortable with creating a pull request with the corrected numbers, I can review and merge which will automatically update the PDF.
>

>
> Regards,
> Gary
>

>

>

>
> From: main@... <main@...> On Behalf Of Jari Koivisto
> Sent: Thursday, February 3, 2022 9:36 AM
> To: OpenChain Main <main@...>
> Subject: Re: [openchain] OpenChain Self Certification
>

>
> Gary et al
>

>

>
> So, in the Conformance in Questions (https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf), there is Spec Ref column and in that column, the references are pointing to OpenChain specification ver. 2.0.  For 2.1, which is the current ISO standard, the numbering has changed.
>

>
> Attached is an Excel sheet that I just put some examples of the 2.0 -> 2.1 numbering changes. As I mentioned at the moment the questionnaire uses 2.0 numbering not 2.1 and IMHO we should use the latest 2.1 specification version, which is the ISO 5230 standard.
>

>
> BR,
>

>
>    Jari
>
>
> ---
> Jari Koivisto
> E-mail: jari.p.koivisto@...
> Mobile: +41 78 7479791
> Skype: jari.p.koivisto
> LinkedIn: http://www.linkedin.com/in/jarikoivisto
>

>

>
> On Thu, Feb 3, 2022 at 5:09 PM Gary O'Neall <gary@...> wrote:
>
> Hi Jari,
>

>
> Can you provide more specifics on where the inconsistency is?  I just looked at the PDF in the link below it has the following text in the header:
>

>
> This document contains a series of questions to determine whether a company has an OpenChain Conformant program. If each of these questions can be answered with a "yes" then that company meets all the requirements of conformance to the OpenChain Specification version 2.1 (functionally identical to ISO/IEC DIS 5230:2020(e)). If any of the questions are answered with a "no" then the company can clearly identify where additional investment is needed to improve the compliance process.
>

>
> It could be an issue in one of the translations if you are looking at a language other than English.
>

>
> Thanks,
>
> Gary
>

>
> From: main@... <main@...> On Behalf Of Jari Koivisto
> Sent: Thursday, February 3, 2022 2:33 AM
> To: OpenChain Main <main@...>
> Subject: [openchain] OpenChain Self Certification
>

>
> Hi All,
>

>
> I just noticed that the printable version of self-certification document (https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf) has Spec Refs to the OpenChain Spec 2.0 version and not the latest 2.1 (ISO 5230) version.
>

>
> Is someone working on this already?
>

>
> BR,
>

>
>    Jari
>
>
> ---
> Jari Koivisto
> E-mail: jari.p.koivisto@...
> Mobile: +41 78 7479791
> Skype: jari.p.koivisto
> LinkedIn: http://www.linkedin.com/in/jarikoivisto
>
>
>






Re: OpenChain Self Certification

Jari Koivisto
 

Back to this old issue that seems to be still present. I created an Excel file that should have correct reference numbers now. It is uploaded to the GH issue that Gary created. 

BR,

   Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Fri, Feb 4, 2022 at 9:55 AM Shane Coughlan <scoughlan@...> wrote:
Thanks Gary. I will get the fix underway :)

> On Feb 4, 2022, at 13:16, Gary O'Neall <gary@...> wrote:
>
> I added an issue in the questionnaire repo to track this: https://github.com/OpenChain-Project/conformance-questionnaire/issues/70
>

>
> Gary
>

>
> From: Gary O'Neall <gary@...>
> Sent: Thursday, February 3, 2022 8:07 PM
> To: 'main@...' <main@...>
> Subject: RE: [openchain] OpenChain Self Certification
>

>
> Hi Jari,
>

>
> Thanks for the additional information.  I don’t believe anyone is working on this issue.
>

>
> The PDF is generated from the data in the conformance-questionnaire github repo.
>

>
> All of the translations would need to be updated with the correct numbers.
>

>
> If you or anyone on the list is comfortable with creating a pull request with the corrected numbers, I can review and merge which will automatically update the PDF.
>

>
> Regards,
> Gary
>

>

>

>
> From: main@... <main@...> On Behalf Of Jari Koivisto
> Sent: Thursday, February 3, 2022 9:36 AM
> To: OpenChain Main <main@...>
> Subject: Re: [openchain] OpenChain Self Certification
>

>
> Gary et al
>

>

>
> So, in the Conformance in Questions (https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf), there is Spec Ref column and in that column, the references are pointing to OpenChain specification ver. 2.0.  For 2.1, which is the current ISO standard, the numbering has changed.
>

>
> Attached is an Excel sheet that I just put some examples of the 2.0 -> 2.1 numbering changes. As I mentioned at the moment the questionnaire uses 2.0 numbering not 2.1 and IMHO we should use the latest 2.1 specification version, which is the ISO 5230 standard.
>

>
> BR,
>

>
>    Jari
>
>
> ---
> Jari Koivisto
> E-mail: jari.p.koivisto@...
> Mobile: +41 78 7479791
> Skype: jari.p.koivisto
> LinkedIn: http://www.linkedin.com/in/jarikoivisto
>

>

>
> On Thu, Feb 3, 2022 at 5:09 PM Gary O'Neall <gary@...> wrote:
>
> Hi Jari,
>

>
> Can you provide more specifics on where the inconsistency is?  I just looked at the PDF in the link below it has the following text in the header:
>

>
> This document contains a series of questions to determine whether a company has an OpenChain Conformant program. If each of these questions can be answered with a "yes" then that company meets all the requirements of conformance to the OpenChain Specification version 2.1 (functionally identical to ISO/IEC DIS 5230:2020(e)). If any of the questions are answered with a "no" then the company can clearly identify where additional investment is needed to improve the compliance process.
>

>
> It could be an issue in one of the translations if you are looking at a language other than English.
>

>
> Thanks,
>
> Gary
>

>
> From: main@... <main@...> On Behalf Of Jari Koivisto
> Sent: Thursday, February 3, 2022 2:33 AM
> To: OpenChain Main <main@...>
> Subject: [openchain] OpenChain Self Certification
>

>
> Hi All,
>

>
> I just noticed that the printable version of self-certification document (https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf) has Spec Refs to the OpenChain Spec 2.0 version and not the latest 2.1 (ISO 5230) version.
>

>
> Is someone working on this already?
>

>
> BR,
>

>
>    Jari
>
>
> ---
> Jari Koivisto
> E-mail: jari.p.koivisto@...
> Mobile: +41 78 7479791
> Skype: jari.p.koivisto
> LinkedIn: http://www.linkedin.com/in/jarikoivisto
>
>
>







OpenChain M&A Summit 2022 – April 28th @ 14:00 UTC

 

The OpenChain M&A Summit 2022 brings together key law firms and service providers helping clients with M&A. You will come away from this event with a clearer understanding of global trends around open source mergers and acquisitions. Free and open to everyone.
Timing
This event takes places at 14:00 UTC on April 28th and runs for two hours. That translates to:
  • 07:00 PDT
  • 12:00 EDT
  • 16:00 CEST
  • 19:30 IST
  • 10:00 CST
  • 11:00 KST
  • 11:00 JST
Agenda
  • An Overview of A Typical M&A With OpenChain
    Leon SchwartzGTC Law
  • M&A From The Perspective Of Security
    Jan Thielscher, EACG
  • Checking Compliance With FOSSmatrix
    Hendrik Schottle, Osborne Clark
  • Sustainability Of Open Source Licenses
    Dr. Andreas Kotulla, Bitsea
  • Specific M&A Transaction Case Study
    Marcel Scholze, PwC
  • Panel with all presenters
RSVP (Required for Entry)


Shane in San Francisco and San Diego

 

Greetings all!

I will be in San Francisco and San Diego shortly. If you are around I would love to get together.

San Francisco: May 8th to 12th
San Diego: 12th to 14th

Let me know ;)

It has been too long!

Shane


OpenChain Security Assurance Reference Specification (Release Candidate 1 2022-03-28)

 

The OpenChain Project released a Security Assurance Reference Guide in August 2021. Feedback from the community expanded this into its current form: a Security Assurance Reference Specification (Release Candidate 1 2022-03-28). At the end of June 2022 the OpenChain Steering Committee will decide if this Release Candidate:
  1. Becomes a sister standard to OpenChain ISO/IEC 5230
  2. Becomes an optional component of OpenChain ISO/IEC 5230
  3. Remains a reference specification
This is an important moment for the OpenChain Project, explicitly highlighting our work beyond open source license compliance. Your input is most welcome to help inform our steering committee.
Please open Issues on our GitHub here to provide feedback:
Alternatively, or in addition, please join our specification mailing list here:
Learn more on our website here:


External Webinar: SAP – Open Source License Compliance with OpenChain

 

From SAP:
Join us on April 26th at 3:00 pm CEST/1:00 pm UTC/9:00 am EDT/10:00 pm JST for a webinar with Shane Coughlan, OpenChain General Manager at the Linux Foundation, and Peter Giese, Head of the SAP Open Source Program Office, about key requirements of a quality open source compliance program. With his extensive knowledge of open source governance and process development Shane will explain what is important for a healthy open source environment in organizations, while Peter will talk about SAP’s experience getting ready for the OpenChain certification to help to establish trust and reliability among all the participants in software supply chains at SAP.
Speakers:
Shane Coughlan | OpenChain General Manager at the Linux Foundation
Peter Giese | Head of the SAP Open Source Program Office
Join Us:
Date: Tuesday, April 26th
Time: 3:00 pm CEST/1:00 pm UTC/9:00 am EDT/10:00 pm JST


Re: OpenChain has a help desk

Balakrishna Mukundaraj
 

That’s a great feature! Thank you Shane!!

On Mon, 11 Apr 2022 at 14:49, Shane Coughlan <scoughlan@...> wrote:
As a FYI, OpenChain has introduced a Help Desk (accessible via our page footers).
https://members.openchainproject.org/

We will promote this more heavily over time, but I wanted to give you a heads up that you can get all the administrative support (including member support) that you need.

Regards

Shane

--
Thanks & Regards,
Balakrishna M
+91-9620791838


OpenChain has a help desk

 

As a FYI, OpenChain has introduced a Help Desk (accessible via our page footers).
https://members.openchainproject.org/

We will promote this more heavily over time, but I wanted to give you a heads up that you can get all the administrative support (including member support) that you need.

Regards

Shane


OpenChain Japan Work Group Meeting #23

 

The OpenChain Japan Work Group will meet on April 20th at 15:00. Full details are below in Japanese. Everyone is welcome to join. You can use this link:
https://socionext.zoom.us/j/99975267803?pwd=ekhxaHA3bVZUSVU5M0dVMkF2Z0pkQT09
次回のOpenChain Japan Workgroup全体会合の開催案内です。
第23回全体会合(第10回オンライン会合)を
2022年4月20日(水)15:00-16:00に開催します。
場所(Venue):Zoom
https://socionext.zoom.us/j/99975267803?pwd=ekhxaHA3bVZUSVU5M0dVMkF2Z0pkQT09
Meeting ID: 99975267803 / パスワード: ]>guXS~6
アジェンダ:
15:00 – 15:02 Opening
15:02 – 15:10 Keynote    by Shane Coughlan
15:10 – 15:20 OpenChain Japan WGについて 
15:20 – 16:00 OpenChain Industry Survey 2022 (OpenChain業界調査)
 集計結果紹介、フリーディスカッション
16:00 Closing
今回は、現在実施しているOpenChain業界調査の結果紹介をします。
ご協力のお願い
会場の皆さんにリアルタイムにアンケートに答えていただき、その結果を見ながら、皆さんと意見交換をさせていただく試みを行います。
「OpenChain Industry Survey 2022 (OpenChain業界調査)」と同じツールを利用します。
明示的に回答いただいた情報のみ収集、利用します。
回答者の情報(メールアドレス等)は収集されません。
疑問、不安に感じられることがあれば、お気軽にお尋ねください。
回答は必須ではありませんが、多くの方にご参加いただきたく思います。
リアルタイムアンケート
https://forms.gle/zg5e6h7bwccQCvvZ8
同じURLをQRコードにしています。スマートフォン等でご回答いただく際にご利用ください。→
結果の利用方法
全体会合の共有画面に結果を表示します。
また、OpenChain JWGのGitHubに公開するとともに、今後のOpenChain活動で利用します。
多くの方々のご参加をお待ちしております。


Learn more about open source in the German market via the Bitkom 2021 survey

 

The Bitkom open source survey 2021 is now available. It contains some really useful data from the German market and is recommended reading.
https://www.bitkom.org/Bitkom/Publikationen/Open-Source-Monitor-Survey-report-2021


Re: Toshiba Announces OpenChain ISO/IEC 5230 Conformance

Prasad Iyer
 

Excellent, Welcome Toshiba to 'Openchain'!

Cheers,
Prasad Iyer
Director, Engineering - Product Operations

Email : prasadiy@...
Phone: +1 (408) 315-5101 <mailto:prasadiy@...>

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 07 April 2022 07:05
To: OpenChain Main <main@...>
Cc: OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>
Subject: [openchain] Toshiba Announces OpenChain ISO/IEC 5230 Conformance

Huge news today!

Toshiba, one of the largest companies in Japan, has announced an OpenChain ISO/IEC 5230 conformant program. Toshiba has been at the forefront of technology since 1939, and is a leader in diverse sectors ranging from social infrastructure to quantum cryptography. Learn more about their journey and plans here:
https://www.openchainproject.org/featured/2022/04/06/toshiba-conformance




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: [japan-wg] Toshiba Announces OpenChain ISO/IEC 5230 Conformance

takashi1.ninjouji@...
 

Hello, Shane and folks,

Thank you very much for your warm words, many, many, and many!
I have received messages in other threads, but please forgive me for replying here.

As you have noticed, beyond our achievement, there is a path for the entire company and the whole group. Your messages are very encouraging to us!

In my impression, training is important in DevSecOps with open source compliance. However, I also believe that CI should expand its scope to an environment where developers are rather very naturally in compliance, and to where policies, processes, and systems work more closely together! I would like to continue these efforts.

Best,
Tak


---

Takashi NINJOUJI

 

Chief Specialist

Advanced Collaborative Software Development and Technology Department

Corporate Software Engineering & Technology Center

 

Toshiba Corporation

1 Komukai-toshiba-cho, Saiwai-ku Kawasaki-shi, Kanagawa 212-8582, Japan

email: takashi1.ninjouji@...

www: http://www.toshiba.co.jp/worldwide/



差出人: main@... <main@...> が Andrew K <andrew.katz@...> の代理で送信
送信日時: 2022年4月7日 17:14
宛先: main@... <main@...>; japan-wg@... <japan-wg@...>; hiroyuki.fukuchi@... <hiroyuki.fukuchi@...>; scoughlan@... <scoughlan@...>
CC: OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>
件名: Re: [openchain] [japan-wg] Toshiba Announces OpenChain ISO/IEC 5230 Conformance
 
Everyone in the UK of a certain age won't be able to hear the word "Toshiba" without thinking of the amazing 1980s TV advertisements: https://www.youtube.com/watch?v=BjJBFGGjdpw

Enjoy!

All the best


Andrew

P.S. I'm typing this sitting in air conditioned comfort, thanks to my Toshiba DaiseikAI split unit

On 07/04/2022, 08:38, "main@... on behalf of MASATO ENDO" <main@... on behalf of masato_endo@...> wrote:

    Congratulations!
    I bought a Toshiba's flagship washing machine last week:)

    Masato ENDO

    > -----Original Message-----
    > From: japan-wg@...
    > <japan-wg@...> On Behalf Of Hiro Fukuchi
    > Sent: Thursday, April 7, 2022 4:31 PM
    > To: japan-wg@...; scoughlan@...;
    > OpenChain Main <main@...>
    > Cc: OpenChain Korea <korea-wg@...>; OpenChain
    > Taiwan <taiwan-wg@...>
    > Subject: Re: [japan-wg] Toshiba Announces OpenChain ISO/IEC 5230
    > Conformance
    >
    > Congratulation!
    >
    > ---
    > Hiro Fukuchi (Hiroyuki.Fukuchi@...) Sony
    >
    > > -----Original Message-----
    > > From: japan-wg@...
    > > <japan-wg@...> On Behalf Of Shane Coughlan
    > > Sent: Thursday, April 7, 2022 3:05 PM
    > > To: OpenChain Main <main@...>
    > > Cc: OpenChain Japan <japan-wg@...>; OpenChain
    > > Korea <korea-wg@...>; OpenChain Taiwan
    > > <taiwan-wg@...>
    > > Subject: [japan-wg] Toshiba Announces OpenChain ISO/IEC 5230
    > > Conformance
    > >
    > > Huge news today!
    > >
    > > Toshiba, one of the largest companies in Japan, has announced an
    > > OpenChain ISO/IEC 5230 conformant program. Toshiba has been at the
    > > forefront of technology since 1939, and is a leader in diverse sectors
    > > ranging from social infrastructure to quantum cryptography. Learn more
    > > about their journey and plans
    > > here:
    > > https://urldefense.com/v3/__https://www.openchainproject.org/featured/
    > > 2022
    > >
    > /04/06/toshiba-conformance__;!!JmoZiZGBv3RvKRSx!tcZuqjFNS4chi8DRi3sa4
    > Q
    > >
    > K6KaKNsf1l0HQqxN6H7eJ5qJWKTjbDca3oTZmyVntRO1ko$ [openchainproject[.
    > ]
    > > org]
    > >
    > >
    > >
    >
    >
    >
    >
    >



   








441 - 460 of 5027