Date   

OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom

 

All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799

Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

Sebastian Schuberth
 

Hi Shane,

yes, I could do both. If you can send an invite, I'll forward it to
the other ORT core developers / ORT developer meeting participants.

--
Sebastian Schuberth

On Thu, Sep 30, 2021 at 12:21 PM Shane Coughlan
<scoughlan@...> wrote:

Hi Sebastian!

I would love if you and (or) Thomas could join to help us genuinely dig deep into the ORT side of things.

Would European morning (say 9 or 10am CET) work for you on the 13th?

Regards

Shane

On Sep 30, 2021, at 18:49, Sebastian Schuberth <sschuberth@...> wrote:

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@...> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

 

Hi Sebastian!

I would love if you and (or) Thomas could join to help us genuinely dig deep into the ORT side of things.

Would European morning (say 9 or 10am CET) work for you on the 13th?

Regards

Shane

On Sep 30, 2021, at 18:49, Sebastian Schuberth <sschuberth@...> wrote:

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@...> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


Re: Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

Sebastian Schuberth
 

Hi Shane,

in today's ORT developer meeting the session on Oct 13th for "a deep
dive on using ORT" was brought to my attention. None of the ORT core
developers / LF TSC members were aware of that session. Since you're
going to talk about "ORT internals engineering" I'd be curious who's
going to present the engineering internals, if not ORT engineers.

So, any clue who'll be running that session? Does it make sense for me
and / or other ORT engineers to join that session to help you get the
right picture of ORT's internals?

--
Sebastian Schuberth
(Founder of ORT, the OSS Review Toolkit.)

On Wed, Sep 29, 2021 at 2:01 PM Shane Coughlan
<scoughlan@...> wrote:

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
December 8th, Facebook Usage Case Study.
December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.


Case Study: Open Source Compliance Automation and Interoperability #2 - Video Now Live

 

Part #2 of our epic automation case study explores the engineering behind the new graphical tool from Facebook/TNG that makes open source tooling easier to use.
https://www.openchainproject.org/featured/2021/09/29/automation-case-study-2

Coming Next:

  • October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
  • October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
  • November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
  • November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
  • December 8th, Facebook Usage Case Study.
  • December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.

Seen Previously:


External talk: 'Growing Open Source Culture Inside Sony’ at Open Source Summit today

 

There is a pretty great talk I wanted to flag today (Tuesday, September 28) at the Open Compliance Summit.

It is entitled 'Growing Open Source Culture Inside Sony’ and will presented by Kazumi Sato and Hiroyuki Fukuchi of Sony Group Corporation. Sony has long been a leader in open source, so I would regard this as a “must see” for those at the event.

The talk will take place between 17:00 and 17:50 PST. Learn more here:
https://sched.co/lAOz

(This means it will be morning on the 29th for Asia)

Regards

Shane


Shane Coughlan
General Manager, OpenChain
e: scoughlan@...
p: +81 (0) 80 4035 8083
w: www.linuxfoundation.org

Schedule a call:
https://meetings.hubspot.com/scoughlan


Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Gilles Gravier
 

I've been using Synology NAS for years. They just work. I replaced my old one with a new one just by popping the old disks in the new box, and 20 minutes later it was up and running with no other disruption to service. These things are rock solid. Mine has been now up for 72 days without a reboot... I imagine next reboot will be with next firmware update. :)

And yes, they do almost everything open source... so it's nice to know they have OpenChain standard to support their development process!

Cheers,
Gilles

Le lun. 27 sept. 2021 à 14:01, Jari Koivisto <jari.p.koivisto@...> a écrit :
Great news. If I didn't have NAS boxes already and I was going to get some, I would definitely go for the Synology solution. 

BR,

  Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Mon, 27 Sept 2021 at 01:22, Shane Coughlan <scoughlan@...> wrote:
Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry. 
https://www.openchainproject.org/news/2021/09/26/synology






--
Gilles Gravier  - Gilles@...
GSM : +33618347147 and +41794728437
Skype : ggravier | PGP Key : 0xA610DB098DE6D026


Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Jari Koivisto
 

Great news. If I didn't have NAS boxes already and I was going to get some, I would definitely go for the Synology solution. 

BR,

  Jari

---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Mon, 27 Sept 2021 at 01:22, Shane Coughlan <scoughlan@...> wrote:
Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry. 
https://www.openchainproject.org/news/2021/09/26/synology





Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Sebastian Crane
 

Synology, a data storage and IT solutions manufacturer, is the latest
organization to announce an OpenChain ISO 5230 conformant
program. This builds on their commitment to excellence in products and
governance as one of the leaders in the networked storage industry.
https://www.openchainproject.org/news/2021/09/26/synology
This is a very exciting announcement! I know quite a few people who rely
on Synology devices for their data storage needs, so I'll be sure to
spread the news to them :)

Best wishes,

Sebastian


DEFERRED - OpenChain global work team call this week

 

Today’s regular bi-weekly global work team call is being deferred.

I would like to put all our attention on the OpenChain Quarterly Mini Summit on September 30th @ 2:00pm - 5:00pm PST.

We will be explicitly reviewing and editing the security assurance reference guide and discussing other key OpenChain guides at this event.

You can attend with our usual link:

https://zoom.us/j/4377592799


Details also in the global calendar!

Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

Gilles Gravier
 

Yeah!

Congratulations to the Synology team! Well played. A tribute to their long term use of open source.

Gilles

Le lun. 27 sept. 2021 à 01:22, Shane Coughlan <scoughlan@...> a écrit :
Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry. 
https://www.openchainproject.org/news/2021/09/26/synology






--
Gilles Gravier  - Gilles@...
GSM : +33618347147 and +41794728437
Skype : ggravier | PGP Key : 0xA610DB098DE6D026


OpenChain Korea Work Group Meeting #11 – 2021-09-30 - 14:00-16:00 KST

 

The OpenChain Korea Work Group will hold its 11th meeting on the 2021-09-30 (Thursday) between 14:00 and 16:00 KST. You can join the meeting via Zoom: https://line.zoom.us/s/97987235521

Learn More (view the schedule):
https://www.openchainproject.org/featured/2021/09/26/korea-wg-11


OpenChain Quarterly Mini Summit Final Details - September 30th @ 2:00pm - 5:00pm PST

 

This is a reminder that the OpenChain mini-summit adjacent to Open Source Summit (Seattle) is coming up.

Date: Thursday, September 30th
Time: 2:00pm - 5:00pm PST

Beverage Service:
• On Consumption
• Bottled Organic Iced Tea
• Still & Sparkling Waters
• Pepsi Soft Drinks
• Coffee and Tea

We currently have 24 physical attendees registered for the meeting.

Mark Gisi, chair of the OpenChain Spec team, will be leading the conversation around the Security Assurance Reference Guide:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available

This will also be an excellent opportunity to talk about where the specification is today, where it may go tomorrow, and what other references guides would be useful in the near term.

Want to attend the meeting?
https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openchain-quarterly-mini-summit

Want to dial-in? All being well, we will be talking via Zoom on Mark’s computer :)
https://zoom.us/j/4377592799


Synology is the latest organization to announce an OpenChain ISO 5230 conformant program

 

Synology, a data storage and IT solutions manufacturer, is the latest organization to announce an OpenChain ISO 5230 conformant program. This builds on their commitment to excellence in products and governance as one of the leaders in the networked storage industry.
https://www.openchainproject.org/news/2021/09/26/synology


Re: OpenChain Automation Case Study launches September 22nd at 06:00 UTC (8am Berlin / 3pm Tokyo)

Maximilian Huber
 

Hey all

Here is the link to the repository of the presented tool:
https://github.com/opossum-tool/OpossumUI/


Best
Maximilian

Am Montag, dem 13.09.2021 um 21:44 +0900 schrieb Shane Coughlan:

Dear all

As previously discussed, we will be launching a rolling case study
between September and December 2021. This case study will be anchored
by webinars in and around a new GUI tool from Facebook + TNG.

We initially planned to begin on September 15th. However, Michael (FB)
and Max (TNG) are holding a launch event in Germany on the 22nd, so we
will align the global launch with that date.

You will find the event details in the OpenChain global calendar. You
can join this event via our normal Zoom room. No registration is
necessary.
https://zoom.us/j/4377592799

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan



--
Maximilian Huber * maximilian.huber@... * +49-174-3410223
TNG Technology Consulting GmbH, Beta-Str. 13a, 85774 Unterföhring
Geschäftsführer: Henrik Klagges, Dr. Robert Dahlke, Thomas Endres
Sitz: Unterföhring * Amtsgericht München * HRB 135082


OpenChain Automation Case Study Part #1

 

We had a very big audience today. Thank you all for your attention and contributions.

Part #1 explores a new graphical tool from Facebook/TNG to make open source tooling easier to use. Our demo shows ORT calling ScanCode in a clean, simple way. We also discuss how the graphical interface was designed.

Please find the video covering all the key material here:
https://www.openchainproject.org/featured/2021/09/22/automation-case-study

The Q&A section was recorded and will be released shortly.


REMINDER: OpenChain automation case study at 12:00 UTC on Wednesday (today) - 13:00 UK - 14:00 CEST - 20:00 CST - 21:00 KST + JST

 

We launch *the* OpenChain automation case study… 🤦‍♂️

This is a must-see for those working in open source compliance.
12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST.
https://zoom.us/j/4377592799

No registration.

Regards

Shane

On Sep 22, 2021, at 19:08, Shane Coughlan via groups.io <scoughlan@...> wrote:

We launch of the OpenChain automation case study about using open source tools for open source compliance at 12:00 UTC on Wednesday (today). This is a rolling case-study between September and December 2021. It will be the largest case study ever undertaken in this space. All welcome. No registration.
https://zoom.us/j/4377592799

September 22nd (today):
We explore a new graphical tool from Facebook/TNG to make open source tooling easier to use.
* Our real-world demo will show ORT calling ScanCode in a clean, simple way.
* We will have an interview about how the graphical interface was designed.
• September 29th, we will have an interview about how the tool internals was designed.
• October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
• October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
• November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
• November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
• December 8th, Facebook Usage Case Study.
• December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.
Need help with your timezone?
12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST.


REMINDER: OpenChain automation case study at 12:00 UTC on Wednesday (today) - 13:00 UK - 14:00 CEST - 20:00 CST - 21:00 KST + JST

 

We launch of the OpenChain automation case study about using open source tools for open source compliance at 12:00 UTC on Wednesday (today). This is a rolling case-study between September and December 2021. It will be the largest case study ever undertaken in this space. All welcome. No registration.

September 22nd (today):
We explore a new graphical tool from Facebook/TNG to make open source tooling easier to use. 
 * Our real-world demo will show ORT calling ScanCode in a clean, simple way.
 * We will have an interview about how the graphical interface was designed.
  • September 29th, we will have an interview about how the tool internals was designed.
  • October 13th, we do a deep dive on using ORT via the tool + deep dive into ORT internals engineering.
  • October 27th, we do a deep dive on using TERN via the tool + deep dive into TERN internals engineering.
  • November 10th, we do a “how this tool can work with TERN, ORT and ScanOSS in the real-world.”
  • November 24th, we do a “fake supply chain” showing code going through multiple scanners and maintaining SPDX Lite integrity.
  • December 8th, Facebook Usage Case Study.
  • December 16th, A recap of the whole open source tooling eco-system at Open Compliance Summit 2021.
Need help with your timezone?
12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST. 


OpenChain webinar - deferred to Wednesday 12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST

 

Dear all

Our regular bi-weekly webinar is being deferred from Monday to Wednesday at 12:00 UTC / 05:00 PST / 13:00 BST / 14:00 CEST / 17:30 IST / 20:00 CST / 21:00 KST + JST. This is to keep the focus this week on the launch of our automation case study that day. The case study will be launched with our virtual event and with a physical event in Germany at roughly the same time. We are laying the foundation for an exploration that will take us all the way to a simulated supply chain in November.

You will find all the details in our global calendar as usual. Dial in link:

https://zoom.us/j/4377592799


Regards

Shane 

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: OpenChain Global Work Team Call - 2021-08-14 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

 

The recording of our call is here:
https://www.openchainproject.org/news/2021/09/15/openchain-global-work-team-call-2021-09-14

Thank you all! Further details on discussions and outcomes shortly.

Regards

Shane

On Sep 14, 2021, at 9:47, Shane Coughlan <scoughlan@...> wrote:

Today we will be discussing further global deployment of our security reference documentation + open discussion on SBOMs and DBOMs.

Join Zoom Meeting
https://zoom.us/j/4377592799

Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)

Need to confirm your timezone?
OpenChain Global Work Team Call - 2021-08-14 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST

621 - 640 of 4831