The next meeting for the OpenChain UK Work Group will be held on Thursday 30 September 2021 from 14:00 - 15:30.
A full agenda will be launched prior to the meeting, which will be an interactive session with plenty of opportunity to ask questions and discuss OpenChain adoption and best practice.
There has been a huge amount going on in the world of OpenChain, with a raft of new, high-profile conformance announcements, new optional extensions to the standard covering security and community engagement, and increased emphasis on the ease of use of tooling.
OpenChain’s General Manager Shane Coughlan will be joining us, and bringing us up to speed on new initiatives intended to make existing compliance tools like FOSSology and ScanCode easier to use.
To book your place and receive the Zoom login details, complete the Eventbrite booking form: https://ocukwgsep21.eventbrite.co.uk
• CFP Closes: Friday, October 1
• CFP Notifications: Tuesday, October 19
• Schedule Announcement: Thursday, October 21
https://events.linuxfoundation.org/open-compliance-summit/program/cfp/#%E6%A6%82%E8%A6%81
Regards
Shane
On Aug 24, 2021, at 20:02, Matija Šuklje <matija@...> wrote:
On 24. 08. 21 at 09:00 Shane Coughlan wrote:
> In broad strokes:
This sounds like a sane approach to me.
> (1) we decided to make it *very* clear this was not about variants of
> OpenChain ISO 5230 but rather about where companies can go next after
> adoption
> (2) we decided to pull back from “quality grading” by the project
> and instead providing case studies and examples to help inspire companies
> Check out the latest (and dramatically overhauled) edit here:
> https://1drv.ms/p/s!AsXJVqby5kpnkShuUGG9M2Ki9MEc
After opening the slide deck today, I was wondering what the complaints were against :)
The slides look OK to me at the time of this writing.
cheers,
Matija
In broad strokes:
(1) we decided to make it *very* clear this was not about variants of OpenChain ISO 5230 but rather about where companies can go next after adoption
(2) we decided to pull back from “quality grading” by the project and instead providing case studies and examples to help inspire companies
Check out the latest (and dramatically overhauled) edit here:
https://1drv.ms/p/s!AsXJVqby5kpnkShuUGG9M2Ki9MEc
On Aug 23, 2021, at 23:06, Mark Gisi <mark.gisi@...> wrote:
One of the core guiding principles for the OpenChain Specification is to focus on the what and why of compliance (and avoid the how and when). This is highlighted in the introduction of the spec. That is, avoid being prescriptive.
It was always understood that the OpenChain Project would foster the creation of various materials around best practices to educate how other companies achieve conformance. That is, to describe the prescriptive ways of others. This has not been done with any formal structure yet within the project. The proposed levels approach is the first attempt to do this, which I commend. What I disagree with is mixing the specification too tightly with prescriptive ways, because it undermines a core principle and purpose of the specification.
I suggest we create a complementary best practice program/guide that encourages companies to consider various prescriptive levels. That is, have Best Practice Levels (bronze, silver, gold, …) but DON’T confuse it with the spec (which is: about what and why, practice neutral, non-prescriptive, …). For instance, have a program with its own logo (for example, see attached).
best,
Mark Gisi
Director, Open Source Program Office
Empowering Customers to Prosper using Open Source
(510) 749-2016
-----Original Message-----
From: specification@... <specification@...> On Behalf Of Shane Coughlan
Sent: Monday, August 23, 2021 1:43 AM
To: OpenChain Main <main@...>
Cc: OpenChain Japan <japan-wg@...>; OpenChain Korea <korea-wg@...>; OpenChain Germany <germany-wg@...>; OpenChain India <india-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Partners <partners@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>; OpenChain Tooling <oss-based-compliance-tooling@groups.io>; OpenChain Specification <specification@...>
Subject: [specification] Proposal - OpenChain Quality of Conformance Assessment Levels (including a sub-proposal for tooling quality assessment levels)
Dear all
During a recent OpenChain Japan Planning meeting we discussed the challenge of “next steps” in OpenChain ISO 5230 conformance. Our initial goal of adoption in the supply chain is well underway. Our basic concept of “raising all the boats” is working. But now it is time to talk in more detail about “raising the boats to where?”
From its launch in October 2016 until today, the OpenChain Project has been based on the concept of continual improvement (or Kaizen). We can now provide a “map” to help guide companies in this process, and to help customer companies judge the sophistication of suppliers who have adopted OpenChain ISO 5230.
Attached is a slide-deck exploring how this can be done. We will be discussing this in the OpenChain bi-weekly global work team meeting today (Monday 23rd of August) at 14:00 UTC. All welcome. No registration.
https://zoom.us/j/4377592799
You can add comments to this document online:
https://1drv.ms/p/s!AsXJVqby5kpnkShuUGG9M2Ki9MEc
Regards
Shane
We have a bit of a treat today. Helpful Engineering will discuss open innovation in the pandemic response with a focus on governance. Their case study will include a case study of an open source license violation (unpacking the situation, not naming names).
Learn more about this organization:
https://helpfulengineering.org/
Join the call:
https://zoom.us/j/4377592799
Need to confirm your timezone?
2021-08-16 @ 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST
The OpenChain Security Assurance Reference Guide 1.0 has a similar format to OpenChain ISO 5230. It can be regarded as a map enabling a user to transpose the proven processes of ISO 5230 to the security domain. This first iteration of the reference guide focuses on the core process of identifying and addressing “known vulnerabilities.” Over time we will evolve the guide to refine its effectiveness.
The OpenChain Security Assurance Reference Guide should be understood as a method to complement rather than compete with security-specific standards. It is quite possible that an organization that is compliant with another given standard will automatically meet all the processes outlined in the OpenChain Security Assurance Reference Guide. This is by design.
As the OpenChain Project adds additional reference guides over time (e.g., quality, export compliance, malware and functional safety) the value of OpenChain ISO 5230 will grow. This work – as with all activity inside the OpenChain Project – will be undertaken by the community of user companies for the benefit of the community.
Get The Reference Guide
• https://github.com/OpenChain-Project/SecurityAssuranceGuide/tree/main/Guide/1.0
Send Feedback To The Specification Team
• https://lists.openchainproject.org/g/specification
REMINDER: OpenChain Bi-Weekly Work Group Call - 2021-08-10 at 06:00 UTC / 07:00 BST / 08:00 CEST / 11:30 IST / 14:00 CST / 15:00 KST+JST
We are finalizing this document:
https://1drv.ms/w/s!AsXJVqby5kpnkSaMT5WBZwJBONuB
In this Zoom room:
https://zoom.us/j/4377592799
The finished document will be released this week. It will provide context to all users of OpenChain ISO 5230 on application in the context of security.
This document will provide all that is necessary to apply OpenChain ISO 5230 to address security matters related to open source. It does not alter or adjust the standard itself. It is a “mapping” guide.
Here is the document in a format that allows you to add comments:
https://1drv.ms/w/s!AsXJVqby5kpnkSaMT5WBZwJBONuB
Here is the most recent call where we discussed specifics:
https://www.youtube.com/watch?v=okRa07dfokE
You have until the 10th of August to provide feedback, with the process ending during our regular Global Work Team call on that day. The document will be released on the 11th of August.
Regards
Shane
—
Shane Coughlan
General Manager, OpenChain
e: scoughlan@...
p: +81 (0) 80 4035 8083
w: www.linuxfoundation.org
Schedule a call:
https://meetings.hubspot.com/scoughlan
On Jul 26, 2021, at 22:24, Mark Gisi <mark.gisi@...> wrote:
The current draft of the Security Assurance Reference Guide can be found here:
https://github.com/OpenChain-Project/SecurityAssuranceGuide/tree/main/Guide
best,
Mark Gisi
Director, Open Source Program Office
Empowering Customers to Prosper using Open Source
(510) 749-2016
From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: Monday, July 26, 2021 2:44 AM
To: OpenChain Main <main@...>
Cc: OpenChain Germany <germany-wg@...>; OpenChain India <india-wg@...>; OpenChain UK <uk-wg@...>; OpenChain Partners <partners@...>; OpenChain Automotive <openchain-automotive-work-group@groups.io>
Subject: [openchain] OpenChain Global Work Team Call - 2021-07-26 - 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST
We focus on the security extension again, and prepare to throw it open to general editing.
All welcome. No registration.
https://zoom.us/j/4377592799
Want to confirm your timezone?
2021-06-21 - 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST
Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan
https://zoom.us/j/4377592799
See a lot of you in a couple of minutes. :)
On Jul 19, 2021, at 9:22, Shane Coughlan <scoughlan@...> wrote:
We have two featured speakers today.
SBOM Challenges in Unstructured Projects
Jan Thielscher from EACG
Case Study: Readiness Assessment for OpenChain ISO 5230
Marcel Scholze from PwC
All welcome. No registration.
https://zoom.us/j/4377592799
Meeting ID: 437 759 2799
One tap mobile
+13017158592,,4377592799# US (Washington DC)
+13126266799,,4377592799# US (Chicago)
Dial by your location
+1 301 715 8592 US (Washington DC)
+1 312 626 6799 US (Chicago)
+1 346 248 7799 US (Houston)
+1 646 558 8656 US (New York)
+1 669 900 6833 US (San Jose)
+1 253 215 8782 US (Tacoma)
877 369 0926 US Toll-free
855 880 1246 US Toll-free
+1 438 809 7799 Canada
+1 587 328 1099 Canada
+1 647 374 4685 Canada
+1 647 558 0588 Canada
+1 778 907 2071 Canada
+1 204 272 7920 Canada
855 703 8985 Canada Toll-free
Meeting ID: 437 759 2799
Find your local number: https://zoom.us/u/awFnORNiA
Want to confirm your timezone?
2021-06-21 - 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST
https://www.openchainproject.org/featured/2021/07/13/bosch-iso-conformance
On today's webinar we are going to cover two major topics.
First up we have 'An Overview of FOSSLight' by Kyoungae Kim of LG Electronics. FOSSLight is a newly released open source tool for open source compliance management that has been used internally in LG Electronics for several years:
https://fosslight.org
https://n.news.naver.com/article/001/0012435207
We continue discussing tooling with 'Automated Yocto compliance built on SPDX: meta-doubleopen to Fossology to OSS Review Toolkit' by Mikko Murto of HH Partners.
All welcome.
Join Zoom Meeting
https://zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09
Meeting ID: 999 012 0120
Passcode: 123456
Please Participate in the TODO Group 2021 State of OSPO Survey
Till Jaeger, JBB Rechtsanwälte on:
How to bring an ancient development project into compliance- best practices
Nicole Pappler, AlektoMetis on:
OpenChain ISO 5230 and Software Quality Management
All welcome. No registration.
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09
Want to confirm your timezone?
2021-06-21 - 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST