|
REMINDER: Resetting the OpenChain calendars for 2022
All our events are done. Our calendar and invites will be rebooted in January. Please check you do not have any orphan calendar items. Delete everything 🙂
== The OpenChain Project has had a tremendous 2021. Our local and global events have been both focused and relentless, pushing the boundaries on the largest corpus of compliance information, the largest automation case study and the largest compliance community in the world. As we enter 2022 it is time to catch our breath. There are two ways this will happen. (1) To make room for everyone’s holiday schedule, our Bi-Weekly Webinars on the 20th of December and the 4th of January are cancelled, along with our Bi-Weekly Work Group call on the 27th of December. We resume our meetings and our webinars from the 11th of January. (2) We are rebooting our calendar. After five years of intense activity and multiple mail clients, people are finding orphans. Please delete ALL meetings related to OpenChain in your calendar. Anything after the Korean Work Group meeting on the 20th of December is invalid. You will get an updated calendar starting 4th of January. I am looking forward to the new year, where we will be doing a lot to drive the industry forward both refreshed and with fully accurate scheduling :) Regards Shane
|
|
|
|
Heads up to OpenChain tech travelers: Omicron at Least Doubles Risk of Getting Infected on a Plane
Everyone, please be careful out there as we enter the new year. 🙂
https://www.bloomberg.com/news/articles/2021-12-22/omicron-at-least-doubles-risk-of-getting-infected-on-a-plane
|
|
|
|
Re: OpenChain Webinar #34 – The TODO Group
Ana Jimenez <ana@...>
Thanks, Shane! Just in case someone needs them, here are the slides from the presentation. Looking forward to see the TODO group working more closely with the OpenChain community and enhance OSPO adoption with OpenChain expertise 🤗 Best Ana
On Thu, Dec 9, 2021 at 9:42 AM Shane Coughlan <scoughlan@...> wrote: Our 34th webinar features Ana from the TODO Group digging into why Open Source Program Offices are useful, how TODO Group supports setting up and running these offices, and what is coming in the future.
|
|
|
|
ACTION REQUIRED: OpenChain Participation Certificates
Recently the Linux Foundation has been recognizing the amazing contributions of our community through digital certificates. For example, if you have been a speaker at an event, you will have received one.
The OpenChain Project is going to do the same. As we enter 2022, OpenChain is prepare digital certificates to show what you have been doing in our community, and to show our appreciation. We would like you to take a moment to fill out the form here with an overview of who you are, what work groups you are part of, and how long you have been in our community: https://1drv.ms/x/s!AsXJVqby5kpnkTHvJmDpwpuZE2kP Please help us recognize you with an official OpenChain certificate :)
|
|
|
|
Catch Up: Automation Case Study #6 – Digging Further Into The Supply Chain
For those of you who missed it first time around, the sixth part of our global case study on automation provides a full summary and gives you context for framing the utility of automation when talking to the CxO level:
https://www.openchainproject.org/automation/2021/12/09/automation-case-study-6
|
|
|
|
The Open Compliance Summit 2021 Awards
The Open Compliance Summit had an excellent collection of speakers and participants for 2021. Continuing our tradition of recognizing some of the work done throughout the previous 12 months, we announced the following awards. Everyone here has contributed to making open source compliance faster, easier and more effective, and they have done a lot to make sure great compliance is available for every company of any size around the world.
We also awarded David Marr (Qualcomm) with a special award to recognize his exceptional and transformative contribution to our field. Thank you Dave. Without you, we would never have created OpenChain ISO/IEC 5230 and we would never have built this amazing community. Lifetime Achievement • David Marr National Champion • Kris Feng • Gao Kun • Sami Atabani Exceptional Contributor • Balakrishna Mukundaraj • Ayumi Watanabe • Gary O’Neall • Maximilian Huber Community Driver • Hiroyuki Fukuchi • Kiyoshi Owada • Andrew Katz • Haksung Jang • Oliver Fendt The Steady Hand • David Rudin • Kate Stewart • Michael Dolan • Masato Endo • Marcel Kurzmann The New Guard • Helio Chissini de Castro • Jimmy Ahlberg • Prasad Iyer • Jari Koivisto • Soim Kim • Mary Mattran Learn More and See The Awards Being Announced: https://www.openchainproject.org/featured/2021/12/20/the-open-compliance-summit-2021-awards
|
|
|
|
Re: Resetting the OpenChain calendars for 2022
Correction:
toggle quoted messageShow quoted text
To make room for everyone’s holiday schedule, our Bi-Weekly Webinars the 20th of December and the 4th of January are cancelled, along with our Bi-Weekly Work Group call on the 27th of December. We resume our meetings and our webinars from the 11th of January. 🤦♂️🙇
On Dec 17, 2021, at 12:11, Shane Coughlan <scoughlan@...> wrote:
|
|
|
|
Resetting the OpenChain calendars for 2022
The OpenChain Project has had a tremendous 2021. Our local and global events have been both focused and relentless, pushing the boundaries on the largest corpus of compliance information, the largest automation case study and the largest compliance community in the world.
As we enter 2022 it is time to catch our breath. There are two ways this will happen. (1) To make room for everyone’s holiday schedule, our Bi-Weekly on the 20th of December and the 4th of January are cancelled, along with our Bi-Weekly Work Group call on the 27th of December. We resume our meetings and our webinars from the 11th of January. (2) We are rebooting our calendar. After five years of intense activity and multiple mail clients, people are finding orphans. Please delete ALL meetings related to OpenChain in your calendar. Anything after the Korean Work Group meeting on the 20th of December is invalid. You will get an updated calendar starting 4th of January. I am looking forward to the new year, where we will be doing a lot to drive the industry forward both refreshed and with fully accurate scheduling :) Regards Shane
|
|
|
|
Re: [india-wg] The First OpenChain Online Training With Individual Certification Is Available
Balakrishna Mukundaraj
Thank you all for contributions and execution for the successful completion and launch of the course. 😊
toggle quoted messageShow quoted text
Mit freundlichen Grüßen / Best regards Mukundaraj Balakrishna Information co-ordination (RBEI/ECA5) Robert Bosch GmbH | Postfach 10 60 50 | 70049 Stuttgart | GERMANY | www.bosch.com Tel. +91 80 6657-5938 | Mobile +91-96207-91838 | Fax +91 80 6617-0711 | Balakrishna.Mukundraj@... Registered Office: Stuttgart, Registration Court: Amtsgericht Stuttgart, HRB 14000; Chairman of the Supervisory Board: Franz Fehrenbach; Managing Directors: Dr. Volkmar Denner, Prof. Dr. Stefan Asenkerschbaumer, Filiz Albrecht, Dr. Christian Fischer, Dr. Stefan Hartung, Dr. Markus Heyn, Harald Kröger, Rolf Najork
-----Original Message-----
From: india-wg@... <india-wg@...> On Behalf Of Shane Coughlan via lists.openchainproject.org Sent: Thursday, December 16, 2021 3:23 PM To: OpenChain Main <main@...> Cc: OpenChain Germany <germany-wg@...>; OpenChain India <india-wg@...>; OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...> Subject: [india-wg] The First OpenChain Online Training With Individual Certification Is Available The OpenChain Education Work Group and LF Training have collaborated on Introduction to Open Source License Compliance Management (LFC193), a free course with individual certification is now available. Who Is It For This course is intended for developers, project managers and executive decision makers who already know the basics of what open source software is and how copyrights work and are ready to take the next step towards building a formal compliance program for their organization. What You’ll Learn This course provides a reference example of how an open source compliance program should be structured. It is designed to be used in the context of OpenChain ISO/IEC 5230:2020 but can be used for any open source compliance program. The course provides knowledge from the basics of intellectual property through to key concepts of an open source review. It is based on real-world experience and focuses on outcomes that are directly applicable to product and service deployment. The outcome of this course will be a clear understanding of how to use compliance as business optimization, reducing resource use and increasing efficiency. What It Prepares You For This course enables you to deal with the basics of open source license compliance management. You will be able to assess the current status of your company and begin planning improvements to processes. If you are a project manager, engineer or management personnel with a responsibility for architecture and strategy, this course will be particularly useful. Get Started Here https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftraining.linuxfoundation.org%2Ftraining%2Fintroduction-to-open-source-license-compliance-management-lfc193%2F&;data=04%7C01%7Cbalakrishna.mukundraj%40in.bosch.com%7C3e4c09f125f8444d57f108d9c079d060%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637752451691065402%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=aih2eYvmiiWnlXNurtYQ16fnYnCTDElGXEtIJwKbps0%3D&reserved=0 Huge kudos to Balakrishna and everyone else in the Education Work Team for making this happen :)
|
|
|
|
The First OpenChain Online Training With Individual Certification Is Available
The OpenChain Education Work Group and LF Training have collaborated on Introduction to Open Source License Compliance Management (LFC193), a free course with individual certification is now available.
Who Is It For This course is intended for developers, project managers and executive decision makers who already know the basics of what open source software is and how copyrights work and are ready to take the next step towards building a formal compliance program for their organization. What You’ll Learn This course provides a reference example of how an open source compliance program should be structured. It is designed to be used in the context of OpenChain ISO/IEC 5230:2020 but can be used for any open source compliance program. The course provides knowledge from the basics of intellectual property through to key concepts of an open source review. It is based on real-world experience and focuses on outcomes that are directly applicable to product and service deployment. The outcome of this course will be a clear understanding of how to use compliance as business optimization, reducing resource use and increasing efficiency. What It Prepares You For This course enables you to deal with the basics of open source license compliance management. You will be able to assess the current status of your company and begin planning improvements to processes. If you are a project manager, engineer or management personnel with a responsibility for architecture and strategy, this course will be particularly useful. Get Started Here https://training.linuxfoundation.org/training/introduction-to-open-source-license-compliance-management-lfc193/ Huge kudos to Balakrishna and everyone else in the Education Work Team for making this happen :)
|
|
|
|
OpenChain PlayBook – Medium Company
The first OpenChain PlayBook is now available. It focuses on showing how a medium size company can go from considering to using OpenChain ISO/IEC 5230:2020.
https://www.openchainproject.org/featured/2021/12/16/playbook-medium-company The OpenChain PlayBooks are intended to help you understand the types of decisions made by managers in companies adopting OpenChain ISO/IEC 5230:2020. We cover examples of the decision-process in small, medium and large companies. Our examples are based on companies (a) in the technology industry, (b) in the middle of the supply chain and (c) shipping physical products containing software.
|
|
|
|
Re: OpenChain Person of the Year: Mark Gisi
Mark Gisi
Thank you Shane for your kind words. Like any successful open source initiative, the real force lies within the community collectively, and the crafting of the OpenChain specification and Security guide are no exceptions. I estimate contributions have come from more than 300 contributors over the past 5+ years. Which are the makings of yet another great open source success story.
toggle quoted messageShow quoted text
Of course - special thanks and great appreciation must also go to Shane for his fantastic leadership in all things OpenChain (which there are many). Kind regards, Mark Mark Gisi Director, Open Source Program Office Empowering Engineers & Customers to Prosper using Open Source (510) 749-2016
-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan Sent: Wednesday, December 15, 2021 1:14 AM To: OpenChain Main <main@...> Cc: OpenChain Korea <korea-wg@...>; OpenChain Partners <partners@...>; OpenChain Germany <germany-wg@...>; OpenChain India <india-wg@...>; OpenChain Japan <japan-wg@...>; OpenChain Taiwan <taiwan-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>; OpenChain Tooling <oss-based-compliance-tooling@groups.io> Subject: [openchain] OpenChain Person of the Year: Mark Gisi [Please note: This e-mail is from an EXTERNAL e-mail address] As we head into the holiday season I wanted to take a moment and thank everyone for an exceptional year. The OpenChain Project has accomplished incredible things, from altering the status quo in the tooling landscape (and making it better) through to preparing our first online training course. Too many people to count assisted in this process. However, I wanted to give special thanks and acknowledgement to Mark Gisi, chairperson of the Specification Work Group. This year he lead an effort to conclusively bridge the gap between OpenChain ISO/IEC 5230 and the security domain. This work was far more than speculative: companies around the world began using our ISO/IEC standard to accomplish security goals, especially in light of recent international developments. The situation was both supported and challenged by the market reality of deployment before full community cohesion. For large companies this is never a serious concern, but for small companies trying to get up-to-speed it is our job (and our pleasure) to make sure they can match their peers, their suppliers and their customers as soon as possible. Mark took this all in his stride and coordinated a multi-month effort with exceptional consensus to produce our Security Assurance Reference Guide in August. Since that date the guide has been available to all parties for review, and Mark further shepherded feedback from that review to determine if updates were needed in the near term. They were not, because you all hit it out of the ballpark, and we got this artifact to market at precisely the right time to address topics like the US Executive Order. Mark, thank you. Now, Mark is far from the only person who has done exceptional things. I want to particularly thank Balakrishna for shepherding our first online training course (with certification) through reviews by many, many parties. We go live on the 16th December, tomorrow, and change the market in that direction. The course, of course, is free. I also want to thank Oliver, who has been running the OpenChain Reference Tooling Work Group on a breathtaking schedule of bi-weekly meetings. The sheer amount of information collected and experience shared eclipses anything done before in that domain. And finally in this list (but not in terms of amazing contribution), I want to thank Max for running the OpenChain Automation Case Study, which took all the ingredients around the world, and showed how to make them turnkey, how to many them work in the supply chain, and how to contextualize it as business intelligence. See you all tomorrow at the Open Compliance Summit, and if not then, soon. Regards Shane
|
|
|
|
OpenChain Person of the Year: Mark Gisi
As we head into the holiday season I wanted to take a moment and thank everyone for an exceptional year. The OpenChain Project has accomplished incredible things, from altering the status quo in the tooling landscape (and making it better) through to preparing our first online training course. Too many people to count assisted in this process. However, I wanted to give special thanks and acknowledgement to Mark Gisi, chairperson of the Specification Work Group. This year he lead an effort to conclusively bridge the gap between OpenChain ISO/IEC 5230 and the security domain.
This work was far more than speculative: companies around the world began using our ISO/IEC standard to accomplish security goals, especially in light of recent international developments. The situation was both supported and challenged by the market reality of deployment before full community cohesion. For large companies this is never a serious concern, but for small companies trying to get up-to-speed it is our job (and our pleasure) to make sure they can match their peers, their suppliers and their customers as soon as possible. Mark took this all in his stride and coordinated a multi-month effort with exceptional consensus to produce our Security Assurance Reference Guide in August. Since that date the guide has been available to all parties for review, and Mark further shepherded feedback from that review to determine if updates were needed in the near term. They were not, because you all hit it out of the ballpark, and we got this artifact to market at precisely the right time to address topics like the US Executive Order. Mark, thank you. Now, Mark is far from the only person who has done exceptional things. I want to particularly thank Balakrishna for shepherding our first online training course (with certification) through reviews by many, many parties. We go live on the 16th December, tomorrow, and change the market in that direction. The course, of course, is free. I also want to thank Oliver, who has been running the OpenChain Reference Tooling Work Group on a breathtaking schedule of bi-weekly meetings. The sheer amount of information collected and experience shared eclipses anything done before in that domain. And finally in this list (but not in terms of amazing contribution), I want to thank Max for running the OpenChain Automation Case Study, which took all the ingredients around the world, and showed how to make them turnkey, how to many them work in the supply chain, and how to contextualize it as business intelligence. See you all tomorrow at the Open Compliance Summit, and if not then, soon. Regards Shane
|
|
|
|
FOSSA Is The Latest OpenChain Partner
Big news today as we formally welcome FOSSA to the OpenChain Partner Program. Their expertise and leadership gToday we welcome FOSSA to the OpenChain Partner Program. Their expertise and leadership gives a significant boost to support available for OpenChain ISO/IEC 5230, the International Standard for open source license compliance.
Learn more on their blog: • https://fossa.com/blog/fossa-partners-openchain-open-source-management/
|
|
|
|
ETRI Announces An OpenChain Conformant Program
More progress in Korea. Excellent work by the team at ETRI! Thank you for helping to spearhead market maturity around open source license compliance.
|
|
|
|
OpenChain Webinar #34 – The TODO Group
Our 34th webinar features Ana from the TODO Group digging into why Open Source Program Offices are useful, how TODO Group supports setting up and running these offices, and what is coming in the future.
Check it out here: https://www.openchainproject.org/news/2021/12/09/webinar-34 Thanks Ana! Great presentation.
|
|
|
|
OpenChain China Work Group Meeting #7 – 2021-12-08
The most recent China Work Group meeting was held on the 8th of December. This is our last China meeting for 2021 and it included some interesting material in Chinese and English. You may be particularly interested in the presentation about CAICT (an organization directly under the Chinese Ministry of Trade), and their positioning as a third-party certifier.
Learn More: https://www.openchainproject.org/featured/2021/12/09/china-wg-meeting-7
|
|
|
|
Re: [germany-wg] REMINDER: OpenChain Automation Case Study in one hour 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.
Our automation case study starts now.
toggle quoted messageShow quoted text
On Dec 8, 2021, at 17:01, Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...> wrote:
|
|
|
|
REMINDER: OpenChain Automation Case Study in one hour 09:00 UTC / 10:00 CET / 17:00 CST / 18:00 KST + JST.
A reminder that our case study takes place in one hour.
toggle quoted messageShow quoted text
On Dec 6, 2021, at 19:33, Shane Coughlan <scoughlan@...> wrote:
|
|
|
|
A reminder that the Open Compliance Summit is next week (16th December)
A reminder that the Open Compliance Summit is next week (16th December).
This is an exclusive event for Linux Foundation members and select invitees that provides an excellent opportunity for organizations to share knowledge around open source compliance. Attendance is limited to ensure ease of networking and collaboration. We have a schedule covering all the key topics of 2021, from standards to automation, and some great practical case studies: https://events.linuxfoundation.org/open-compliance-summit/program/schedule/ You can request an invitation here: https://events.linuxfoundation.org/open-compliance-summit/register/ Places are limited. This is an event under Chatham House Rule and will not be rebroadcast. We decided to keep costs minimal and just cover the virtual platform. It is $20 USD for a ticket. 20% off for LF Members, so $16 USD. Regards Shane Shane Coughlan OpenChain General Manager +818040358083 Book a meeting: https://meetings.hubspot.com/scoughlan
|
|
|