Skip to main content
Category

legal

Webinar: Linux License Clean-Up Disorder Dispelled + ISO 5230 in the Context of Security

By community, Featured, legal, licensing, News, security, standards, Webinar

This webinar unpacked the complexity and solutions for addressing licensing across a large code-base like the Linux Kernel, and it explained how ISO 5230 has been applied to the security domain by some parties in the supply chain.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #22, released on 2021-04-21.

Webinar: Automation Workflows, IP Protection, Legal Solvers

By community, Featured, legal, licensing, News, Webinar

This webinar covered three major items:

  1. Reference Workflows for Automation Around Open Source Compliance
  2. Protecting Your IP from Devaluation via OpenChain Compliance
  3. How To Approach The “legal solver” Topic

You can see some of the images and slides below.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #20, released on 2021-03-16.

Webinar: Open Source Issues Remediation + Community Bridge and SPDX Online Tools + CII Best Practices

By automation, Featured, legal, licensing, News, security, standards, Webinar

In our biggest webinar to date, Jari Koivisto talked about Open Source Issues Remediation, Gary O’Neall talked about Community Bridge and SPDX Online Tools and David Wheeler talked about CII Best Practices (the project equivalent of the OpenChain standard). Check out the full recording and the slides below.

Check Out All The Slides

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #11, released on 2020-09-11.

Webinar: Compliance @ GitLab

By Featured, legal, licensing, News, Webinar
This image has an empty alt attribute; its file name is avatar.png

We took a look at how GitLab addresses compliance for this webinar on the 20th of July. Mo Khan, Senior Backend Engineer, explained the approach offered to users and why it is effective. One of the most interesting things we explored is how it all works with CI/CD, a hot topic in the OpenChain community and beyond.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #8, released on 2020-07-20.

Webinar: Software Heritage + Making Compliance Scalable in a Container World

By community, Featured, legal, licensing, News, Webinar

This time we explored Software Heritage, an initiative whose goal is to collect, preserve, and share software code, and continued our discussion of containers from the perspective of scalable compliance.

Our speakers

Roberto Di Cosmo, Director at Software Heritage, explained why this initiative collects and preserves software in source code form with the understanding that software embodies key technical and scientific knowledge that humanity cannot afford to risk losing. His presentation helped provide insight into how such initiatives can link into activities like compliance automation in open source compliance, an area of immediate interest to the OpenChain community.

Scott Peterson, Senior Commercial Counsel at Red Hat, talked about how we can make compliance scalable in a container world. This talk will build on other recent presentations with a particular focus on efficiency and portability, with a “registry-native” approach to source code availability. Scott explained how this does not require updating container registries to include source code specific features, but instead can exploit features that are already contained in current registries.

Check Out the Slides

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #5, released on 2020-06-02.

Webinar: Unpacking SPDX 2 2 + SPDX Lite

By Featured, legal, licensing, News, standards, Webinar

In this webinar we unpacked how the newly released SPDX 2.2. SPDX, as a leading industry standard for Software Bill of Materials, plays a pivotal role in the implementation of practical manual and automated compliance programs.

Kate Stewart, Sr. Director of Strategic Programs at the Linux Foundation, explained how SPDX 2.2 works and what it means for the community. Kate has been a key driver of this standard over the last 10 years and can answer all your questions about what the current standard means, what projects support it, and the current state of the tooling landscape.

Yoshiyuki Ito, Principal Expert at RENESAS Electronics, provided an overview of SPDX Lite. This is a “Profile” for the SPDX 2.2 standard that helps companies deploy the Software Bill of Materials to match certain workflows, particularly with respect to suppliers to large companies using existing processes. Ito San and others in the OpenChain Japan Work Group created SDPX Lite to help ensure that the standard could seek adoption in as many production environments as possible with minimal friction.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #4, released on 2020-05-21.

Webinar: Contribution Policies + Open Source in M&A

By community, Featured, legal, licensing, News, standards, Webinar

In this webinar Tobie Langel spoke about ‘Open Source Contribution Policies That Don’t Suck.’ Leon Schwartz and Tony Decicco from GTC Law provided an overview of open source-related topics in the context of mergers, acquisitions, financings, investments, IPOs, divestitures, loans, customer license agreements, rep and warranty insurance and other transactions. Andrew Katz presented a due diligence questionnaire and sample warranties based on the the OpenChain specification.

More About This Webinar

Tobie Langel spoke about ‘Open Source Contribution Policies That Don’t Suck.’ In his own words: Open source contribution policies are long, boring, overlooked documents, that generally suck. They’re designed to protect the company at all costs. But in the process, end up hurting engineering productivity, and morale. Sometimes they even unknowingly put corporate IP at risk. But that’s not inevitable. It’s possible to write open source contribution policies that make engineers lives easier, boost morale and productivity, reduce attrition, and attract new talent. And it’s possible to do so while reducing the company’s IP risk, not increasing it.

Leon Schwartz and Tony Decicco from GTC Law provided an overview of open source-related topics in the context of mergers, acquisitions, financings, investments, IPOs, divestitures, loans, customer license agreements, rep and warranty insurance and other transactions. This covered:

  • Types of open source risk
  • Open source due diligence as part of transactions
  • Open source-related terms in agreements
  • The strategic use of open source in transactions

Andrew Katz presented a due diligence questionnaire and sample warranties based on the the OpenChain specification, and explained how adoption of this framework will drive further adoption of the standard. This builds on the observation that the OpenChain specification provides a great framework for due diligence and share purchase agreement warranties, even where the target is a software company which is not OpenChain compliant.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #3, released on 2020-05-07.

Webinar: China Update + Facebook Case Study

By community, Featured, legal, licensing, News, Webinar

This webinar is about the current Chinese market and it also provides an update on what Facebook is doing around open source governance and licensing.

Our Presenters

Maggie Wang spoke about OpenChain in China. Maggie’s background ranges from working as an in-house at Huawei to acting as the China representative for Ladas and Parry. Her unique experience in-house and as outside counsel positions her perfectly to help contextualize where we are with regards compliance, standardization and business reality in one of our most important markets.

Michael Cheng spoke about OpenChain at Facebook, a topic that ranges from adoption activity and broader leadership in the compliance space by the company. His perspective will provide added value given the simultaneous decision by Facebook, Google and Uber to join OpenChain as Platinum Members in late 2018, and plenty of runway for our audience to ask questions about real-life lessons learned.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #2, released on 2020-04-22.