OpenChain Automation Case Study #7 – VulnerableCode technical deep dive into VulnTotal Philippe Ombredanne from nexB will lead a technical deep dive into VulnTotal on the 7th of February at 09:00 CET

Issue under discussion here: https://github.com/OpenChain-Project/License-Compliance-Specification/issues/62 == Here is what we currently have: == 3.5.1 - Contributions If an organization considers co

Further discussion was contained here: OpenChain-Project/License-Compliance-Specification#63 Consolidating to this issue (and closing License Compliance Spec Issue 63) because it seems we will conclud

During the North America / Asia monthly call January 2023 we had a solid discussion on this issue: https://github.com/OpenChain-Project/License-Compliance-Specification/issues/63 Context: == Current =

Please find attached. Main focus will be on editing the specs. All welcome. We have some meaty stuff to discuss, including continuing our discussion on the definition of open source: https://zoom.us/j

Dear all Our regular USA / Asia monthly community call will take place in just over one hour (09:00 CST / 10:00 KST + JST). For those in the USA, it is at 17:00 Pacific / 19:00 Central on Monday. Main

OpenChain Monthly Community Call - 09:00 CST (01:00 UTC) on 3rd Tuesday A reminder that our Europe / Asia monthly call takes place tomorrow at 09:00 CST (10:00 KST and JST). In this meeting we will re

As a FYI, there will be more done to bring key documents to the forefront (Nathan and team are on it), but the existing material has been tidied up and some more key links added: https://www.openchain

From InnerSource Commons: In this session about SBOMs and InnerSource we will look at applying open source industry best practices and standards such as ISO 5230 OpenChain, ISO 5962 SPDX and CycloneDX

Some good third-party reading on OpenChain. Ulrike Fempel from SAP discusses their engagement as part of the end-of-year summery from the company: If you are more interested in the topic of open-sourc

Version 3 fully covers OpenChain Security Assurance Specification: https://www.openchainproject.org/resources/faq MarkDown version for editing and improvements on GitHub: https://github.com/OpenChain-

In anticipation of some of the incoming improvements from our Education Team, and in response to existing feedback, we have a new landing page on our website: https://www.openchainproject.org/ It is d

The recent Telco Work Group meeting is here: https://youtu.be/jhsvPgu7AyQ The discussion was focused on the open pull requests around the SBOM specification: https://github.com/OpenChain-Project/Telco

Bitsea, a service provider specialized in software auditing and based in Germany, today announces support for the OpenChain Security Assurance Specification 1.1. They can help companies understand and

Heads up about a useful event. AboutCode is holding a one day workshop for open source compliance tooling developers and users on the fringe of FOSDEM 2023. You probably know Philippe Ombredanne from

Big kudos to Jacob Wilson for taking our first generation manager overview and converting it to MarkDown: https://github.com/OpenChain-Project/Reference-Material/blob/master/Guides/Official/OpenChain-

Hi: We are organizing a one day workshop for developers and users of open source compliance tools. This is planned in Brussels just before FOSDEM on Friday February 3rd, 2023. We are inviting anyone i

Dear all Today's afternoon telco meeting is cancelled. We will share the recording of our morning meeting within 24 hours. Regards Shane — Shane Coughlan General Manager, OpenChain e: scoughlan@... p:

The Eventbrite booking form for the next OpenChain UK Workgroup meeting, taking place on 26th January 2023 is now live. Date: 26th January 2023 Time: 15:00 – 17:00 UTC Venue: Both virtual and physical

The next OpenChain Webinar will feature OSSelot, an open source curation database recently launched by OSADL in Germany. This project features one of the most requested features around open source aut