Skip to main content
Category

News

OpenChain Webinar #1: Supply Chain Governance (Nikolay ) and Container Compliance (Armijn)

By News

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.

Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Everyone is invited to join this free webinar via zoom. It will also be recorded and made available later on our website. Additionally, our Third Monday April webinar schedule will be announced on this call. We have a stellar line up.

Join Our Zoom Meeting

One Tap Telephone (no screensharing)

  • +358 9 4245 1488,,9990120120# Finland
  • +33 7 5678 4048,,9990120120# France
  • +49 69 7104 9922,,9990120120# Germany
  • +852 5808 6088,,9990120120# Hong Kong
  • +39 069 480 6488,,9990120120# Italy
  • +353 6 163 9031,,9990120120# Ireland
  • +81 524 564 439,,9990120120# Japan
  • +82 2 6105 4111,,9990120120# Korea
  • +34 917 873 431,,9990120120# Spain
  • +46 850 539 728,,9990120120# Sweden
  • +41 43 210 71 08,,9990120120# Switzerland
  • +44 330 088 5830,,9990120120# UK
  • +16699006833,,9990120120# US (San Jose)
  • +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ
Not all countries have available numbers.

After dialing the local number enter 9990120120#

OpenChain プロジェクトおよび OpenChain Japan WG のご紹介

By News

株式会社日立製作所 今田律夫

はじめに

OpenChainプロジェクト は、The Linux Foundation の公式プロジェクトの一つです。今回は、OpenChainプロジェクトおよびOpenChain Japan WGについてご紹介します。

OpenChainプロジェクト

オープンソースソフトウェア (以下ではOSSと略します) の活用にあたっては、各ソフトウェアの著作者が定めたライセンスを遵守する必要があります。特に、組織においてOSSを活用する場合、組織に入ってくるOSS (Inbound)、組織から出ていくOSS (Outbound) の両方について適切な管理が行われるよう、管理体制の確立が必要になります。OpenChainプロジェクトは、各組織が組織内に確立すべきOSSコンプライアンスプログラムの要件をOpenChain仕様として定義し、その普及を推進しています。また、OpenChainプロジェクトは、OpenChain仕様のISO規格化を進めています。

OpenChainプロジェクトの会員資格

OpenChainプロジェクトの会員資格には、The Linux Foundationの会員企業が参加できる有償のプラチナ会員と、コミュニティ会員とがあります。プラチナ会員は本稿の執筆時点で、Adobe, ARM, Bosch, Cisco, Comcast, Facebook, 富士通, Google, 日立製作所, Microsoft, パナソニック, Qualcomm, Siemens, ソニー, 東芝, トヨタ自動車, Uber, Western Digitalの18社です。コミュニティ会員は誰でも参加でき、メーリングリスト、電話会議、ワークショップ等を通じて、前述のOpenChain仕様の策定やその他関連文書の作成など、様々な活動に参加できます。

OpenChain Japan WG

上記のプラチナ会員に複数の日本企業が参加したことをきっかけとして、OSSコンプライアンスに関して日本語で情報交換を行える場所を作りたいということで、2017年に活動を開始しました。以来、メーリングリストや定期的な会合を開催するなど、活動を継続しています。

OpenChain Japan WGの活動状況

2~3カ月ごとに全体会合を開催しています。これまでに11回の全体会合を開催しました。

  • 第1回会合 2017年12月27日(水) ソニー本社 クリエイティブラウンジ
  • 第2回会合 2018年2月22日(木)日立製作所 品川オフィス
  • 第3回会合 2018年4月19日(木)パナソニック Wonder Lab Osaka(大阪)
  • 第4回会合 2018年6月13日(水)トヨタ自動車名古屋オフィス(ミッドランドスクエア)
  • 第5回会合 2018年8月31日(金)富士通川崎工場(神奈川県川崎市)
  • 第6回会合 2018年10月31日(水)東芝(神奈川県川崎市幸区)
  • 第7回会合 2018年12月5日(水)テュフズードジャパン(東京都新宿区)
  • 第8回会合 2019年2月28日(木) 三菱電機 本社(東京都千代田区)
  • 第9回会合 2019年4月18日(木) デンソーテン(兵庫県神戸市)
  • 第10回会合 2019年7月16日(火) 富士通ソリューションスクエア(東京都大田区)
  • 第11回会合 2019年9月19日(木) オリンパス (技術開発センター宇津木)

また上記以外に数回のAd hoc会合も開催しています。これらの会合の様子は、Wiki に写真を掲載していますのでご覧ください。今後のイベントにつきましては、こちら をご覧ください。

サブワーキンググループ (SWG) 活動

テーマ毎にSWGを作って活動しています。本稿の執筆時点では以下のSWGが活動しています。各SWGの活動内容については、このアドベントカレンダーで順次ご紹介します。

  • Planning SWG
  • FAQ SWG
  • サプライチェーン上流向けリーフレット SWG
  • 「役割ごとの教育資料」SWG
  • 組織間のライセンス情報授受 SWG
  • プロモーション SWG
  • ツール SWG

メーリングリストへの参加方法

OpenChain Japan WGには4つのメーリングリストがあります。各メーリングリストに参加するには、それぞれ下記のアドレスにメールを送信してください。機械的に処理されますので、メール本文の記載は必要ありません。なお、システム変更に伴い2019年10月30日以降、メーリングリストの参加方法が変わりました。以前の情報をお持ちの方はご注意ください。

OpenChain Japan WG ML: japan-wg+subscribe@lists.openchainproject.org
ライセンス情報 SWG ML: japan-sg-licensing+subscribe@lists.openchainproject.org
Planning SWG ML: japan-sg-planning+subscribe@lists.openchainproject.org
Tooling SWG ML: japan-sg-tooling+subscribe@lists.openchainproject.org

OpenChain プロジェクトのメーリングリストについては、こちらをご覧ください。

Slack

メンバーのコミュニケーションの手段として、Slackも活用しています。

おわりに

以上、OpenChain プロジェクトおよびOpenChain Japan WGについて簡単にご紹介しました。OpenChain Japan WGは、OSSコンプライアンスに関して日本語で仲間づくり、情報交換、OSSコミュニティへの貢献ができる場です。皆様のご参加をお待ちしています。

OpenChain Reference Tooling Work Group – Next Meeting April 8th at 9am UTC+2

By News

Proposed Agenda

1. Continue on best practices for container compliance  

Join The Call

To enjoy the best possible experience while working with Circuit on your desktop computer, try Circuit Desktop App, Chrome or Firefox.

  • To participate in a voice-only conference, dial one of the below numbers and enter this code: 6784 3507 96 #
  • Your microphone will be muted. Press *3 to unmute it.

Frequently used dial-in numbers:

Canada (English): +19292704096
  tel:+19292704096,,6784350796#

China, Peoples Republic (中文): 4008198763
  tel:4008198763,,6784350796#

Germany (Deutsch): +498923128020
  tel:+498923128020,,6784350796#

Spain (Español): +34912158038
  tel:+34912158038,,6784350796#

United Kingdom (English): +442076606076
  tel:+442076606076,,6784350796#

United States (English): +19292704096
  tel:+19292704096,,6784350796#

All dial-in numbers:

Argentina (Español): +541159842552
  tel:+541159842552,,6784350796#

Australia (English): +61282784325
  tel:+61282784325,,6784350796#

Austria (Deutsch): +4313602774621
  tel:+4313602774621,,6784350796#

Belgium (English): +3226200317
  tel:+3226200317,,6784350796#

Brazil (English): +551138788268
  tel:+551138788268,,6784350796#

Bulgaria (English): +35929358238
  tel:+35929358238,,6784350796#

Canada (Français): +18887768707
  tel:+18887768707,,6784350796#

Canada (English): +18887768708
  tel:+18887768708,,6784350796#

Canada (English): +19292704096
  tel:+19292704096,,6784350796#

Canada (Français): +15148412132
  tel:+15148412132,,6784350796#

Chile (Español): +56226188362
  tel:+56226188362,,6784350796#

China, Peoples Republic (中文): 4008198763
  tel:4008198763,,6784350796#

Colombia (Español): +5714864866
  tel:+5714864866,,6784350796#

Costa Rica (Español): +50625397362
  tel:+50625397362,,6784350796#

Croatia (English): +38517776197
  tel:+38517776197,,6784350796#

Czech Republic (English): +420225382900
  tel:+420225382900,,6784350796#

Denmark (English): +4535158116
  tel:+4535158116,,6784350796#

Dominican Republic (Español): +18299566315
  tel:+18299566315,,6784350796#

Ecuador (Español): +1800000742
  tel:+1800000742,,6784350796#

El Salvador (Español): +50321367565
  tel:+50321367565,,6784350796#

Estonia (English): +3726868885
  tel:+3726868885,,6784350796#

Finland (English): +358981710072
  tel:+358981710072,,6784350796#

France (Français): +33185148486
  tel:+33185148486,,6784350796#

Germany (Deutsch): +498923128020
  tel:+498923128020,,6784350796#

Greece (English): +302111809487
  tel:+302111809487,,6784350796#

Guatemala (Español): +50223661200
  tel:+50223661200,,6784350796#

Hungary (English): +3614292267
  tel:+3614292267,,6784350796#

Indonesia (English): +622150851722
  tel:+622150851722,,6784350796#

Ireland (English): +35315339866
  tel:+35315339866,,6784350796#

Israel (English): +97237207564
  tel:+97237207564,,6784350796#

Italy (Italiano): +390699748020
  tel:+390699748020,,6784350796#

Japan (English): +81366344738
  tel:+81366344738,,6784350796#

Kazakhstan (English): +77273122918
  tel:+77273122918,,6784350796#

Korea South (English): +82264108576
  tel:+82264108576,,6784350796#

Latvia (English): +37166163137
  tel:+37166163137,,6784350796#

Lithuania (English): +37052141723
  tel:+37052141723,,6784350796#

Luxembourg (Français): +35227300013
  tel:+35227300013,,6784350796#

Malaysia (English): +60320535108
  tel:+60320535108,,6784350796#

Mexico (Español): +525550912420
  tel:+525550912420,,6784350796#

Morocco (English): +212520480311
  tel:+212520480311,,6784350796#

Netherlands (English): +31207219093
  tel:+31207219093,,6784350796#

Norway (English): +4723500290
  tel:+4723500290,,6784350796#

Oman (English): +96880074490
  tel:+96880074490,,6784350796#

Oman (English): 80074490
  tel:80074490,,6784350796#

Pakistan (English): +92518108858
  tel:+92518108858,,6784350796#

Peru (Español): +5117087113
  tel:+5117087113,,6784350796#

Philippines (English): +63283953534
  tel:+63283953534,,6784350796#

Poland (English): +48225048376
  tel:+48225048376,,6784350796#

Portugal (English): +351210608117
  tel:+351210608117,,6784350796#

Romania (English): +40311305020
  tel:+40311305020,,6784350796#

Russian Federation (Русский): +73433511796
  tel:+73433511796,,6784350796#

Russian Federation (Русский): +74232492964
  tel:+74232492964,,6784350796#

Russian Federation (Русский): +74957459864
  tel:+74957459864,,6784350796#

Russian Federation (Русский): +78127186937
  tel:+78127186937,,6784350796#

Singapore (English): +6563131571
  tel:+6563131571,,6784350796#

Slovakia (English): +421250112159
  tel:+421250112159,,6784350796#

Slovenia (English): +38616002736
  tel:+38616002736,,6784350796#

South Africa (English): +27118446101
  tel:+27118446101,,6784350796#

Spain (Español): +34912158038
  tel:+34912158038,,6784350796#

Sweden (English): +46851992037
  tel:+46851992037,,6784350796#

Switzerland (English): +41225675325
  tel:+41225675325,,6784350796#

Thailand (English): +6621040793
  tel:+6621040793,,6784350796#

Turkey (English): +902123755830
  tel:+902123755830,,6784350796#

United Arab Emirates (English): 800035704335
  tel:800035704335,,6784350796#

United Kingdom (English): +442076606076
  tel:+442076606076,,6784350796#

United States (English): +19292704096
  tel:+19292704096,,6784350796#

Uruguay (Español): +59829028657
  tel:+59829028657,,6784350796#

Venezuela (Español): +582123358895
  tel:+582123358895,,6784350796#

Vietnam (English): +842844581451
  tel:+842844581451,,6784350796#

OpenChain Reference Tooling Work Group – Minutes of the March 25th Meeting

By News

1. News
Oliver informed all that Haksung created an overview about sw360 in Korean language.
Further Oliver created a new branch “containers” in our Github repo and provided there the material shown in the last meetings. The idea is to collect all material about containers and license compliance in the directory “Container-License-Compliance”, once having good content available Oliver wants to reach out to Shane and ask him whether is would be possible to generate an official OpenChain “container compliance leaflet”.

Alexios shared that the development of SPDX-3.0 has started. SPDX-3.0 will support different profiles which will implement different use cases. Now there is a good opportunity to introduce changes to the SPDX standard, which break backward compatibility, since the version 3.0 will not be backward compatible with the previous versions. He also said if there are requirements towards the specification from our side, we are warmly welcome to contribute them. The new version will contain examples how it shall be used.
The Github repos of SPDX specification can be found here: https://github.com/spdx/spdx-spec

2. License compliant containers:
Oliver presented the content of the branch and the directory https://github.com/zvr/Sharing-creates-value/tree/containers/Container-License-Compliance . There was the comment that we shall also provide a “Q&A” on which tools shall be used in order to achieve the best practices. Further is was suggested to provide also a description of the desired results  and provide concrete examples.

3. New features in sw360
Michael presented the new features implemented in sw360. There will be changelog functionality in order to verify who changed what. Sw360 is able to “read” SPDX Boms and to generate the corresponding data. He asked for support in further testing this feature because there are many different scenarios, which have to be covered. The integration of sw360 with FOSSology via REST API is improved and FOSSology scans can be triggered automatically.
There was the question whether sw360 is able to generate the “OSS disclosure document” – yes it is possible to generate the OSS disclosure document with sw360. There are two options available to do that – either via REST API or via GUI. The same applies to the generation of the source code bundle.

4. Next steps:
Next meeting will be at 8th of April the invitation was sent to the mailing list
Proposed Agenda Item: continue on best practices for container compliance

Review The Slides Presented

https://www.slideshare.net/ShaneCoughlan3/12th-meeting-openchain-reference-tooling-work-group-25th-march-slides 

OpenChain Korea Work Group Meeting # 5 – Video Minutes – 19th March

By News

The full video minutes of our most recent OpenChain Korea Work Group meeting are now available. This was a virtual meeting due to the COVID-19 situation. Great thanks to all involved in hosting the event and preparing this video! Special thanks to Haksung Jang @ SK Telecom and Seo Yeon Lee @ LINE for getting these post event reports together.

Keep Up With The Korean Work Group

Join The Korean Mailing List

OpenChain Japan Work Group: Republishing the Advent Calendar

By News

During the December 2019 period the OpenChain Japan Work Group ran a series of articles covering OpenChain, their work, and what it means to companies. We will be republishing this calendar in Japanese on the main OpenChain blog over the coming weeks, and we hope to share some English translations after that.

Check Out The First Article

If you want to skip ahead, you can see the whole series here:

OpenChain Newsletter #35

By Monthly Newsletter, News

Newsletter – Issue 35 – March 2020

OpenChain Japan Work Group: Republishing the Advent Calendar

During the December 2019 period the OpenChain Japan Work Group ran a series of articles covering OpenChain, their work, and what it means to companies. We will be republishing this calendar in Japanese on the main OpenChain blog over the coming weeks, and we hope to share some English translations after that.

Check Out The First Article

If you want to skip ahead, you can see the whole series here:


OpenChain @ Translations

OpenChain @ GitHub

  • The OpenChain Project has a substantial presence on GitHub. We use our space to store core documents like the project charter and specification, our growing library of reference material under CC-0 licensing, and other material like our project image assets. This allows our global community to quickly access, share and improve all aspects of our work. Find out more:
    https://www.openchainproject.org/news/2020/03/23/openchain-on-github-march-2020

OpenChain @ Conformance

OpenChain @ Partners

OpenChain @ Work Groups

OpenChain @ Events

OpenChain @ In The News

Webinar with GTC Law and FOSSID – Open Source Software and Code Snippets

By News

GTC Law and FOSSID, two official partners of the OpenChain Project, will host a webinar on March 26th 2020 at 9:30 am EST that covers open source software and code snippets: the benefits, the pratfalls, and how to use FOSSID tools to manage compliance and mitigate risks.

This webinar will dive into OpenChain and will explain the value proposition for businesses leveraging open source software in products or services.

Learn More

Register