Dr. Peter Ellsiepen at the European Space Agency (ESA) is kindly hosting a Tooling Work Group meeting at the European Space Operations Centre (ESOC). This event marks one of the early opportunities for parties interested in tooling and automation to get together and discuss which open source solutions they are applying to open source compliance.
The Tooling Work Group is chaired by Oliver Fendt from Siemens and has a diverse range of contributors from German, Japanese and international companies.
A new version of the one pager slide was circulated on the mailing list. The objective is to have the first release next week.
Upcoming Events: Oliver presented an overview of the interesting session from an OSS compliance perspective at Eclipsecon. Alexios asked about an overview of the interesting sessions at OSS Summit Europe. Michael J. sent an email with interesting talks at the OSS Summit Europe to the mailing list.
2. Sw360antenna Lars gave an overview about their work concerning automation and integration of the OSS compliance tools in the CI/CD workflow. He introduced two use cases (please see attached slides): 1. Automatic management of 3rd party dependencies This use case applies to “normal” software development, where the OSS component approval is triggered by the integration of the component. 2. Upfront dependency approval This use case applies to software development in regulated environments like safety critical systems, where the OSS components which will be integrated must be known upfront. If an unknown component is detected this will cause a policy violation. Aaron added that this use case is also common in the financial sector.
Lars mentioned that for having an overview about the licensing situation scancode is used and for the curation, approval and release FOSSology is used. He gave a nice live demo showing the working implementation of use case 1. Oliver mentioned that this demo covers the following functional blocks of the big picture: Dependency resolver Source package downloader License & Copyright Scanner Policy Checker Component & application inventory FOSS Compliance Bundle generator
3. Next Steps User stories: Kate mentioned that there is no user story covering the recipients of the compliance artifacts – the persons/organizations receiving the results of the process and results produced by the toolchain. Oliver said that such a user story will be added.
Next meeting: The next regular Wednesday meeting will be on 6th of Nov. On 10th of Oct there is the face to face meeting in Darmstadt
Does your company do open source? It is time to get involved with The Linux Foundation‘s OpenChain Project, the industry standard to make open source compliance quick, easy and efficient. Meet us at Open Source Summit Europe, hop on a call or join our mailing lists. All welcome!
The OpenChain Korea Work Group will hold its fourth meeting on the 2nd of December 2019 between 15:00 and 17:00 at Korea Telecom in Seoul. As always this meeting will be held in Korean and all parties from open source user companies are welcome to attend.
The fifth and sixth meetings have been announced for March and June 2020. Kakao and NCSoft respectively will be the hosts. Please watch this space for more details.
The OpenChain Automotive Workgroup has announced its second meeting. Join us at Open Source Summit Europe on the 29th October. Please note that we are in a hotel adjacent to the main conference venue.
Where?
August Lumiere Room Lyon Marriott Hotel Cité International 70 Quai Charles de Gaulle, 69463 Lyon, France
This is a Face-to-Face meeting with dial-in capability. See below for dial-in details.
When?
09:00~12:00 on the 29th of October 2019
What’s the Agenda?
Jonas Öberg (Scania) Open Source at Scania
Yuichi Kusakabe (Denso Ten) How to use OSS license tools (SW360 and SPDX Lite) with AGL release software
Shunsuke Tokumoto (Fujitsu) License management with SPDX
Sebastian Schuberth (Bosch) Bosch’s Activities in Automating OSS
Masato Endo (Toyota) Introduction of OpenChain and Automotive WG
Catch Up On Our First Meeting And Get A Feel For What’s Coming
Do I Need to Register?
No.
How Do I Dial-In?
Join the call: https://uberconference.com/openchainproject
Optional US dial in number: 855-889-3011 (No PIN needed)
The License Info Exchange Sub Work Group will host a meeting on the 15th of October. This meeting will be hosted by Fujitsu Marketing (Shinagawa, Tokyo). Everyone is welcome to join!
The Planning Sub Work Group will host a meeting on the 18th of October. This meeting will be hosted by Fujitsu ( Musashi-nakahara, Kawasaki). Everyone is welcome to join!
The Tooling Sub Work Group will host a meeting on the 17th of October. This meeting will be hosted by DeNA (Shibuya, Tokyo). Everyone is welcome to join!
