The Linux Foundation Projects
Skip to main content
Category

News

RECORDING: OpenChain Monthly Specification and Education Call (Europe – Asia) – 2025-07-16

By News

We Discussed:

This was a busy meeting. Lead by Shane Coughlan (General Manager, OpenChain), and featuring discussions from Martin Yagi (Chair Education Work Group) and Marcel Kurzmann (OpenChain Board Member + SPDX Operations Profile team), we worked through the following agenda:

  1. Introducing new Work Group Chairs
  2. Education Work Group next steps
  3. AI Work Group – Draft AI Compliance Guide public comment period
  4. Specification Work Group – Approvals for updates to standards
  5. The new SPDX Operations Profile
  6. and more

Watch the Recording:

Check Out The Presenter Slides:

Coming Next:

  • With concrete targets for implementing agreed updates to the existing standards;
  • A new outreach beginning to triage further updates to the existing standards;
  • A provisional roadmap for further developing our education material;
  • And remaining four weeks of a six week public comment period before finalizing a new AI compliance guide;

We have full but focused activity ahead.

Join Our Work:

Everyone is welcome to be part of the Specification Work Group. You can join their mailing list here:
https://lists.openchainproject.org/g/specification/

You can find and be part of all OpenChain calls through our participation page here:
https://openchainproject.org/participate

OpenChain Tooling Work Group – The 2025 Video Series

By News

Video Overview Of The Work Group:

The OpenChain Tooling Work Group:

The OpenChain Tooling Work Group meets bi-weekly to discuss open source tooling for open source compliance. It covers license compliance, security compliance and regulatory compliance matters. Everyone is welcome to be part of the discussion, and you can always find the next scheduled meetings on the OpenChain Global Calendar: https://openchainproject.org/participate

Making It Easier To Participate:

The Tooling Work Group is one of the oldest activities, and it hosts its calls on a BigBlueButton instance on a Free Software Foundation Europe (FSFE) server. This is because Zoom, the default app used by Linux Foundation, is often not permitted in European companies, and the founding companies of the Tooling Work Group are based in Europe. The BigBlueButton instance records all the public OpenChain Tooling Work Group calls. You can log in (URL: https://conf.fsfe.org/b/compliance-tooling and meeting code: 199143 ) to view all those recordings.

However, we are always looking at ways to make it easier to be part of OpenChain Project activities. We are now also beginning to mirror the Tooling Work Group calls on the main OpenChain Project YouTube channel. We are starting with publishing the 2025 call series (so far). Over time, we plan to make all the legacy recordings available on that channel.

Please note: we have published some Tooling Work Group calls on the YouTube channel before. This is about moving from an ad-hoc to a more complete previous, and it an example of another small step towards sharing even more knowledge in even easier and more accessible ways.

You will find copies of the this year’s meetings below. We will also be posting backdated individual posts on the OpenChain newsfeed to aid with time-based searches and discovery.

OpenChain Tooling Work Group – 2025-02-20:

OpenChain Tooling Work Group – 2025-03-05:

OpenChain Tooling Work Group – 2025-03-20:

OpenChain Tooling Work Group – 2025-05-07:

OpenChain Tooling Work Group – 2025-05-21:

OpenChain Tooling Work Group – 2025-07-02:

Be Part of This:

Everyone is welcome to be part of the OpenChain Tooling Work Group. You can join the mailing list here: https://groups.io/g/oss-based-compliance-tooling

FAQ:

Q:

Why are some recordings missing?

A:

Not every call is recorded. Some are under Chatham House Rule or attendees express discomfort in being recorded. You will generally find recordings for calls with presentations / guest speakers.

OpenChain Overview Slides – Share The Path To A More Trusted Supply Chain (July 2025 Edition)

By News

Help Share Best Practices:

We publish a slide deck to help our community share information about the OpenChain Project, our standards, our community and our reference material. The slides are updated about once every month, and can be remixed to talk with different audiences about building a more trusted supply chain.

Download the Latest Slides:

You will always find our project overview slides in our reference library.

Coming Tomorrow: Our Monthly Europe / Asia call (2025-07-16) @ 08:30 UTC / 09:30 BST / 10:30 CEST / 16:30 CST / 17:30 JST + KST

By News

We have our monthly Europe / Asia call tomorrow (2025-07-16) @ 08:30 UTC / 09:30 BST / 10:30 CEST / 16:30 CST / 17:30 JST + KST

  • We will cover activity in the Education Work Group
  • We will cover formal outcomes in the Specification Work Group
  • We will check out the AI Compliance Guide Public Comment Period
  • We will hear about what’s happening with the SPDX Operations Profile

In other words, lots of standards, processes and reference material. This goes beyond news, and into impactful action items underway across our community.

Be part of this. 🙂

Join here:

https://zoom-lfx.platform.linuxfoundation.org/meeting/98605614769?password=dd739f3e-5991-4c87-b428-39a7b550ca0d

OpenChain Tooling Work Group – Next Meeting on the 16th of July @ 17:00 CEST (15:00 UTC)

By News

About Our Work Group:

The OpenChain Tooling Work Group holds meetings on a bi-weekly schedule. They allow anyone with an interest in open source tooling for license, security or other compliance matters to learn, share and collaborate. All levels of experience are welcome.

Next Meeting:

Our next meeting takes place on the 16th of July 2025 at 17:00 CEST (15:00 UTC).

Dial-In:

Coming Soon: Unlocking Potential – Case Study on ZF’s ISO 5230 Third-Party Certification with TIMETOACT

By News

The OpenChain Project will hold a webinar on the 29th of July 2025 to provide a case study on how ZF – one of the world’s largest automotive suppliers – collaborated with TIMETOACT to obtain third-party certification for OpenChain ISO/IEC 5230.

2025-07-29 @ 07:00 UTC / 08:00 BST / 09:00 CEST / 15:00 CST / 16:00 KST + JST

Join at the start time using this link:
https://zoom-lfx.platform.linuxfoundation.org/meeting/91433079580?password=a677a4f4-2af5-4453-8ec9-07dcc28f9656

Abstract:

This case study is suitable for organizations new to the OpenChain standards, organizations in the process of adopting the standards, or organizations reviewing how others met this milestone in open source process management. It will be structured as a series of short section presentations that provide:

  • A brief introduction to ISO/IEC 5230
  • The importance of ISO/IEC in the automotive industry
  • ZF’s certification journey
  • Forming an OSPO
  • Steps taken to accomplish ISO/IEC 5230 certification
  • Challenges faced
  • Role of TIMETOACT in the certification process
  • Gap analysis with TIMETOACT and ZF
  • How ZF used OpenChain and InnerSource Commons resources
  • Lessons learned
  • Closing thoughts

More About Our Webinars:

This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.

Check Out The Rest Of Our Webinars

This OpenChain Webinar will be broadcast on 2025-07-29.

Element Announces OpenChain ISO/IEC 5230 Conformant Program

By Featured, News

About Element

Element is a decentralized and flexible communications platform, built on the Matrix open standard, that gives people and organizations the independence to communicate with confidence. Learn more: https://element.io

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Check Out The Publicly Announced Community of Conformance:

Woven by Toyota Completes OpenChain ISO 5230 Re-Conformance

By Featured, News

Woven by Toyota, a company designed to drive the evolution of mobility to enhance safety, peace of mind, fulfillment and opportunity for all, has completed its periodic re-conformance to the OpenChain ISO/IEC 5230 specification. ISO/IEC 5230 is the international standard for open source license compliance process management, and has seen widespread adoption throughout the mobility industry.

All our publicly announced conformance programs:

RECORDING: OpenChain Germany – 2H 2025 and Beyond – A Strategy Discussion

By News

We Held A Meeting To Discuss Three Things:

  1. To identify what is happening in the country around open source process management
  2.  What we can usefully contribute to increase value in this area for local businesses, projects and government
  3. Any areas of concern that might need global community assistance

Watch the Meeting:

Identified Challenges Faced for the OpenChain Germany Work Group:

Our current challenge is a lack of momentum in our meeting schedule and discussions. The challenge appears to be caused by two things:

  • Lack of time on everyone’s part
  • A wide variety of activities making it difficult to focus energy

Identified Priorities for the German Market:

Suggested Next Steps: 

Discussion Document:

We have created a document to help everyone share ideas (and refine other ideas) about next steps in the country. You can find and add comments to the document here:

RECORDING: OpenChain India – 2H 2025 and Beyond – A Strategy Discussion

By News

We Held A Meeting To Discuss Three Things:

  1. To identify what is happening in the country around open source process management
  2.  What we can usefully contribute to increase value in this area for local businesses, projects and government
  3. Any areas of concern that might need global community assistance

Watch the Meeting:

Identified Challenges Faced for the OpenChain India Work Group:

Our current challenge is a lack of momentum in our meeting schedule and discussions. The challenge appears to be caused by two things:

  • Lack of time on everyone’s part
  • A wide variety of activities making it difficult to focus energy

Identified Priorities for the Indian Market:

Suggested Next Steps:

  • Identify where ISO/IEC 5230 and ISO/IEC 18974 can assist
  • Identify where OpenChain reference material can assist
  • Discuss if we can create new reference material to assist

Discussion Document:

We have created a document to help everyone share ideas (and refine other ideas) about next steps in the country. You can find and add comments to the document here: