News

The OpenChain Japan Work Group held one of its regular in-person and virtual meetings on the 18th of May. You can check out the full recording below. The keynote is in English and the majority of the content is in Japanese.

The Keynote Slides Are Below

OpenChain Japan Work Group – Meeting 27 from Shane Coughlan

The OpenChain Project will run a mini-summit adjacent to Open Source Summit Europe (OSS EU) on the 18th of September 2023. As with previous mini-summits, we encourage everyone to come together and network in-person. There is also an option to attend virtually. There is a nominal fee of $5 to attend in-person but you can contact us if the causes issues for your budget.

During Open Source Summit North America (OSS NA), we had two talks on automation for security and compliance, and it was clear that this topic resonated. The Q&A ran long, and our agenda has to be shortened to reflect this.

To address this obvious market interest, we will again return to automation for OSS EU, and we will invite some of our European colleagues to do deep dives into the current state of the market. We want to ensure this is a practical event focused on the implementation of processes that support our standards for license compliance and security assurance in organizations.

Check out the Mini-Summit listing for the event:

Co-Located Events

Chris, Co-Chair of the Specification Work Group, hosted our monthly North America and Asia meeting. As usual, the focus was on editing the next generation of our specifications.

The focus of this call was on the Security Specification (ISO/IEC DIS 18974) and two issues were discussed and provisionally closed:

• Add program objectives
  https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/14
• Clarify Stated Purpose (Github) and Scope (specification):
  https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/28

Watch The Meeting

We have a new GitHub repository to hold all the meeting decks from the Monthly Meetings focused on editing next generation versions of our specifications:

• https://github.com/OpenChain-Project/Meeting-Minutes/tree/main/Slides

In 2017 the OpenChain Project and FSFE collaborated to make a CC0 version of the REUSE.software Specification 1.0 available for everyone to integrate into their organization processes and business logic. The goal is to eliminate any friction in leveraging this mechanism for better software management.

We are pleased to announce the REUSE.software Specification 3.0 is now available as CC0. You can access it via the OpenChain GitHub:
https://github.com/OpenChain-Project/Reference-Material/blob/master/General-Compliance-Support-Material/REUSE.software/en/REUSE.software-3.0.md

Please note that the REUSE.software initiative has grown substantially since the first generation of its release. You can find significant resources, including tooling to help usage, on the official REUSE.software website:
https://reuse.software

The OpenChain Project provides the global community with conformance badges. These allow organizations to easily show they have an OpenChain Standard-Related Program.

These badges have now been updated with an improved badge for ISO/IEC 5230:2000 (license compliance) and a new badge for ISO/IEC DIS 18974 (security assurance). If you are conformant or certifying someone, please feel free to use them:
https://github.com/OpenChain-Project/Image-Assets/tree/master/Official/Conformance-Badge

Note: we have added SVG versions of the badges along with AI, PNG, JPG and other formats. This tracks our move towards MarkDown and SVG where possible to make it easier to use things anywhere at any size.

The first meeting of the Legal Work Group took place on the 25th of April 2023 to explore model provisions for OpenChain ISO/IEC 5230 or ISO/IEC DIS 18974 in procurement contracts and similar material. We decided to proceed via mirroring the format of the pre-existing public domain Risk Grid:
https://github.com/OpenChain-Project/Reference-Material/tree/master/General-Compliance-Support-Material/Risk-Grid

Our 2nd meeting will take place on 2023-05-25 at 16:00 UTC (09:00 PDT / 18:00 CEST / 00:00 CST) to continue our work. Meanwhile, keep up-to-date via our mailing list:
https://lists.openchainproject.org/g/legal-wg

Reminder:

The goal is to ensure people can understand options. We will not be prescriptive and these model provisions will remain part of the OpenChain reference material. They will not be included in the standards themselves.

Are you familiar with open source and your organization’s use of open source software?

Take the Linux Foundation’s World of Open Source: Global Spotlight 2023 Survey!

TAKE THE SURVEY

Linux Foundation Research has launched the World of Open Source: Global Spotlight 2023 survey to explore the state of open source around the world. The research will investigate regional open source trends including the size and scope of open source programs across organizations and industries, opportunities and challenges in private and public sector engagement in open source, the value proposition of open source, and the use and adoption of open source technologies and best practices.

Your perspective is critical for us to capture open source trends at a global level.The survey should only take 10-15 minutes to complete.

We thank you for your participation. Upon completion of the survey, you will receive a code for a 25% discount on any Linux Foundation e-learning training course or certification exam, as long as you register before August 30, 2023.*

*This offer is available to anyone who completes the World of Open Source: Global Spotlight 2023 survey and uses the applicable coupon to purchase an e-learning course or certification between April 18, 2023 and August 30, 2023, 23:59 UTC. It is NOT valid for any other combination of e-learning or instructor-led-training courses or certifications. Discount limited to individual purchases ONLY. Offer not valid with any other discount combinations. Offer does not include FINOPS.

PRIVACY

You will not be asked for any personal identifying information. Reviews are attributed to your role, company size, and industry. Responses will be subject to the Linux Foundation’s Privacy Policy, available at https://linuxfoundation.org/privacy.

VISIBILITY

The data we collect from this survey will be analyzed to produce an in-depth survey report that will be shared with all survey participants and will be published on the Linux Foundation website in 2023. The dataset from this survey and instructions for its use will be made publicly available on the Linux Foundation’s Data.World account.

QUESTIONS

If you have questions regarding this survey, please email us at reseach@linuxfoundation.org

As those following recent news will know, we published a page on Wikipedia recently and it was quickly translated into French and German.

Now, thanks to Lucrezia Berto and Marc Galceran, the Spanish version of our page is live. Kudos to Across Legal are due here.

Check Out Our Spanish-Language Wikipedia Page:

• https://es.wikipedia.org/wiki/ISO/IEC_5230