The recording of our regular bi-weekly Specification Work Team is now available. This call covered discussion on how to set expectations around evolution of the standard and to ensure maximum support as we graduate from the ISO/IEC process in September.
You can join the Specification Mailing List to follow all the activity
Agenda:
13:00-13:30 | Check-In
13:30-14:00 | A Brief Introduction to OpenChain (English)
Shane Coughlan, OpenChain
14:00-14:30 | OpenChain Japan workgroup and the workgroup’s status (English)
Hiroyuki Fukuchi, Sony Japan
14:30-15:00 | Common requirements on OSS compliance from communities to Taiwan companies and how OpenChain can help to that (Mandarin)
Lucien C.H. Lin, OCF (林誠夏, 開放文化基金會)
15:00-15:30 | OpenChain 2.0 specification in a nutshell (Mandarin)
SZ Lin, Moxa Inc. (林上智, 四零四科技)
15:30-16:00 | Break – Tea Time
16:00-16:10 | Introduction to OpenChain Taiwan workgroup (Mandarin)
SZ Lin, Moxa Inc. (林上智, 四零四科技)
16:10-17:00 | Panel Discussion (English)
Facilitator: Kevin, OIN (黃鴻文)
Participants:
Shane Coughlan, OpenChain
Hiroyuki Fukuchi, Sony Japan
Lucien C.H. Lin, OCF (林誠夏, 開放文化基金會)
SZ Lin, Moxa Inc. (林上智, 四零四科技)
The meeting is free of charge and is open to anyone. Feel free to complete registration for this meeting via the below link.
https://dmfli.kktix.cc/events/openchaintwgm1
OpenChain 協助產業在碰觸或思索開源合規 (Open Source Compliance) 爭議或政策時,有一套流程可以提供參考!
開源軟體在全世界的應用非常廣泛,隨著開源軟體的商業化,複雜的開源授權規定也讓許多商業使用者不知所措,而層出不窮的侵權糾紛,也讓開源合規的議題逐漸受到企業重視。隸屬於 Linux Foundation Project 的 OpenChain 專案透過簡化及標準化開源合規實務,使企業、組織可更為有效滿足開源合規,從而建立產業供應鏈對開源軟體的信任。包含微軟、Google、高通、西門子、Sony 與 Uber 等都已採用OpenChain 進行開源合規管理並通過 OpenChain 認證。
這場工作坊將會介紹 OpenChain 專案,同時也邀請國內外的開源合規專家來分享實務經驗,以及在過程中如何克服遭遇到的困難。若是你正在使用、正要接觸開源軟體,或者是單純想要了解開源軟體,都歡迎你一起加入討論!
詳細議程與報名網址:
https://dmfli.kktix.cc/events/openchaintwgm1
本活動自由報名參加,座位有限,還請即早報名,以免向隅。
Time to catch up on our recent OpenChain India Work Group meeting! This English-language event was held on the 20th of August. This event was hosted by MCA and brought together a bunch of our local community. We are looking forward to next steps!
Join the India Work Group
SAN FRANCISCO, September 2, 2020 – The OpenChain Project announces Synopsys as the latest official OpenChain Partner.
“Black Duck, acquired by Synopsys in 2017, has long been recognized as a pioneer in the field of open source compliance tooling and management solutions,” says Matthew Jacobs, Director, Legal Counsel at Synopsys. “Encouraging and enabling organizations of all sizes to use open source in a responsible manner, respectful of the copyright holder’s intentions, requires a commitment to process and we are thrilled to join the OpenChain community in promoting adoption of, and commitment to, that process.”
“Matt Jacobs and the team at Synopsys have long been involved around the OpenChain Project via webinars and other outreach activity,” says Shane Coughlan, OpenChain General Manager. “It is great to welcome them into the program and provide additional freedom of choice for people seeking assistance from tooling vendors.”
About Synopsys
Synopsys technology is at the heart of innovations that are changing the way people work and play. Self-driving cars. Machines that learn. Lightning-fast communication across billions of devices in the datasphere. These breakthroughs are ushering in the era of Smart Everything―where devices are getting smarter, everything is connected, and everything must be secure.
Powering this new era of digital innovation are high-performance silicon chips and exponentially growing amounts of software content. Synopsys is at the forefront of Smart Everything with the world’s most advanced technologies for chip design, verification, IP integration, and software security and quality testing. We help our customers innovate from silicon to software so they can bring Smart Everything to life.
A new guide created by the OpenChain Korea Work Group in collaboration with NIPA, a Korean government agency, explains how local companies can easily and effectively comply with the OpenChain specification. This guide was prepared based on the following documents:
The guide will be revised after the ISO/IEC JTC1 PAS Transposition Process when the OpenChain specification becomes a formal International Standard.
Read The Guide
Learn More About The OpenChain Korea Work Group
Learn More about NIPA, the Korean Government Agency
Open Source Security, the company behind grsecurity – a security enhancement to the Linux kernel – has announced an OpenChain conformant program.
“While Open Source Security, Inc. has always taken license compliance seriously and involved highly-qualified legal counsel in drafting our company’s policies in compliance with those licenses, we recently became aware of the OpenChain project and its efforts in formalizing compliance practices within organizations using and improving Free and Open Source software,” says Bradley Spengler, President at Open Source Security. “Having verifiable documentation of our operating and review procedures became top of mind for us as we embark on expanding our operations. Formalizing the policies to include licenses and activities we are not yet involved in left us prepared for the future and was well-received by the team, particularly our junior staff. We thank the OpenChain project for providing a well-thought-out, comprehensive, and accessible standard to help organizations formalize and communicate their compliance practices.”
“The OpenChain industry standard is designed to help companies in all sectors address the issue of process management around the exceptional potential of open source,” says Shane Coughlan, OpenChain General Manager. “It is great to welcome Open Source Security into the fold with the announcement of another OpenChain conformant program. We look forward to future collaboration as our standard is increasingly adopted in their domain.”
Learn More About Open Source Security
当初 12/24 記事として公開していた記事 「OpenChain Japan WG 第13回会合のご案内」 は、諸事情により「一般公開」ができなくなりました。Japan WG (JWG) の活動に関心のある方は JWGのwiki から “OpenChain Japan WG ML” への参加をご検討ください。第13回会合の案内なども共有予定です。
そのため、Open Source Compliance 関連で別内容の記事を準備中です。
ご迷惑をお掛けします。
手元で気軽に使える OSS監査ツール環境を作りたかったのと、Linux を少しでも触ろうかなと思いやってみた… というか、やっているところ。
元ネタは、SONYの小保田さんが、Japan Technical Jamboree 70 にて 「FOSSology – Install from Sourceのススメ(pdf)」 を発表されたと OpenChain Japan WG の Tooling SWG 第5回(2019-10-17) で伺ったことによる。ただ、まったく同じ事をするのもどうかと思い、docker 上で動かしてみようかなと…
えぇ、そうです、Raspberry Pi 4 (4GB) を買うための理由にしました…
更新されるまでの間、最近気になった情報を紹介しますので、そちらをご覧頂けると幸いです。
FOSSology + SW360 と同じように、OSS を OSS で管理するためのツールです。
業務ワークフローや、組織間での情報管理などを意識している設計のように思われるため、OpenChain Japan WG の Tooling SWG メンバーでも関心が集まりつつあります。
Ibrahim Haddad, Published on December 22, 2019
Artificial Intelligence については、Ethics(倫理) に関する話題を目にしますが、利用する Open Source Software や Data といった構成する技術や要素についても議論があります。英文記事ですが、AI と Open Source について話題を振り返りつつ、来年に向けての課題整理のために目を向けて見るのはいかがでしょうか。
明日12月25日は、この Advent Calendar 企画の締めくくりとなります。
トヨタ自動車の遠藤さんが、Promotion SWG を紹介し、そして、この25日間を振り返ります。国内外の産業界が Open Source Compliance に注目する中、どんな話しが出てくるのでしょうか。お楽しみに!
忍頂寺です。所属等は別記事「Open Source Compliance のお役立ち情報まとめ・上 (12/14公開記事)」 を参照ください。「(同)下 (12/15公開記事)」もあります。
Join us on September 7 at 9am Pacific as Jari Koivisto talks about Open Source Issues Remediation, Gary O’Neall and Rohit Lodha talk about Community Bridge and SPDX Online Tools and David Wheeler talks about CII Best Practices (the project equivalent of the OpenChain standard).
This is part of the bi-weekly OpenChain Webinar series. We feature international speakers on a wide range of topics related to open source compliance challenges and solutions. Learn more here:
https://www.openchainproject.org/webinars-interviews
Join Our Webinar
Password
One Tap Telephone (no screensharing)
* +358 9 4245 1488,,9990120120# Finland
* +33 7 5678 4048,,9990120120# France
* +49 69 7104 9922,,9990120120# Germany
* +852 5808 6088,,9990120120# Hong Kong
* +39 069 480 6488,,9990120120# Italy
* +353 6 163 9031,,9990120120# Ireland
* +81 524 564 439,,9990120120# Japan
* +82 2 6105 4111,,9990120120# Korea
* +34 917 873 431,,9990120120# Spain
* +46 850 539 728,,9990120120# Sweden
* +41 43 210 71 08,,9990120120# Switzerland
* +44 330 088 5830,,9990120120# UK
* +16699006833,,9990120120# US (San Jose)
* +12532158782,,9990120120# US
Find your local number: https://zoom.us/u/abeUqy3kYQ ( https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2FabeUqy3kYQ&sa=D&usd=2&usg=AOvVaw2yK4fS2trpB1lITLI31XE9 )
Not all countries have available numbers.
After dialing the local number enter 9990120120#
Check Out All Our Other Webinars
The OpenChain Project now has official merchandise! You will find everything from t-shirts to tote-bags to phone cases to mugs in our store. Everything is priced at cost with Threadless. Logos, penguins, country teams and a special global team image. It is all there.
Check Out The Zero Profit Store!
https://openchainproject.threadless.com/
Source Code For The Images
https://github.com/OpenChain-Project/Image-Assets/tree/master/Official/Threadless-Merchandise
One more thing…
We have a marketing budget for our country and international teams. Right there is $25 USD of merchandise per head for 400 people (including shipping). This is a thank you for everyone who helped make OpenChain what it is. Here is the allocation of the award funds based on the subscriber numbers to various country and global lists:
Please contact Rachel (operations@openchainproject.org) and let her know what you want. She will assemble a spreadsheet to track everything and we will order as each batch fills up.
Seth Newberry from the Joint Development Foundation joined us to provide an overview of what they do, how it impacts OpenChain, and what it means for other open source and related projects moving forward. As always we had some great comments and questions, and we look forward to getting more over time via our mailing lists and meetings!
Check Out The Slides
This is OpenChain Webinar #10, released on 2020-08-25.
© 2024 OpenChain. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use
