This is a record of the OpenChain Project Work Team Call from 03-16-2020.
Get the agenda slides
Watch the video minutes
All OpenChain call outcomes are archived on our wiki
The OpenChain Reference Tooling Work Group meets on a bi-weekly schedule via teleconference to discuss one of the most pressing issues around open source compliance: how do we automate as much as possible? The work group has been active since summer 2019 mapping out how references toolchains can be described and shared, helping companies exploring automation with open source to begin engagement with the field. The core concept behind the work group is to create a situation where any company wishing to use open source tooling for open source compliance can do so, and making it clear where interoperability is focused for companies operating a hybrid approach of proprietary and open source tools.
Learn More
Get Involved
Today the OpenChain Project is releasing a community contribution from Ibrahim Haddad covering metrics that can be applied to evaluate source code scanning tools. This is a timely topic, given the amount of discussion around our global community around automation, and the initial release of this document is intended to encourage discussion about what a final, official OpenChain reference document could contain.
Get this guide and many more documents in the OpenChain Reference Library: https://github.com/OpenChain-Project/Reference-Material
The fifth meeting of the OpenChain Korea Work Group will take place as a remote conference call at 2pm on the 19th of March. All interested parties are invited to attend and to help make the first major meeting in Korea this year a success. Topics will include a review of open source use in enterprises, an exploration a new ‘Introduction to OpenChain’ manual published by NIPA, and a collaborative round-table session on Bill of Material tracking.
Join the Meeting
- Schedule: 2020-03-19 (Thu) 2:00~ pm
- How to join on PC
(1) PC에서 https://uberconference.com/openchainproject 접속
(2) Your Name 입력 후, “Join audio-only” 클릭하여 방에 입장
(3) Confirm settings 화면에서 마이크와 스피커 설정 확인 후 > Join conference - How to join on Phone
(1) 핸드폰에서 02-6022-2388로 전화
(2) 855 889 3011 # 입력
Get More Details on the Meeting
Get More Details on all OpenChain Korea Activities
The OpenChain Project is delighted to welcome South Toranomon Law Offices as the latest participant in our partner program. South Toranomon Law Offices is one of the oldest leading business law firms in Japan, providing services and support around litigation, general corporate, intellectual property, employment, international and professional liability among other things. They have deep experience in working with corporate clients around the management of open source software, including in the area of open source license compliance.
“South Toranomon Law Offices are the first law firm in Japan to join the OpenChain Partner Program,” says Shane Coughlan, OpenChain General Manager. “We are delighted to have the opportunity to collaborate with legal professionals such as Uenuma San and Katayama San in the development of strong support services for the OpenChain industry standard in Japan.”
Learn More About South Toranomon Law Offices
The fifth edition of the seminal open source compliance book by Dr Till Jaeger and Professor Axel Metzger is now out in German. This updated edition features OpenChain prominently in the compliance chapter, further solidifying our place in the larger software governance ecosystem, and ensuring a new audience can understand our role in defining the key requirements of quality open source compliance programs. While an English version of this book is not available, OpenChain has an extensive and growing German Work Group, and we hope this text may be useful in discussions with suppliers.
Get a Copy
Fiducia & GAD came third in the public award voting AND received the special Jury Award at the recent SAM Strategies event held in Germany. Stefan Thanheiser and his team have spearheaded the topic of open source license compliance in software asset management, and have been an early participant in the OpenChain Project German community as we formalize the key requirements of quality open source compliance programs. We are delighted to celebrate their work and promotion of OpenChain in Germany and beyond.
Learn More About Fiducia & GAD
Check Out SAM Strategies
Jan Thielscher and his team at EACG have prepared a one-slide overview of the OpenChain Project. Clear, easy-to-digest communication is critical as OpenChain expands and our industry standard for open source compliance is more widely adopted. We deeply appreciate all the work by our users and partners in helping with this process.
The EACG overview material is licensed under CC-BY-SA-4.0. It is not part of our CC-0 reference library but it is freely available.
Get It Here
As part of the OpenChain Project’s ongoing commitment to providing a large library of useful reference material, and thanks to the kind contribution of Ibrahim Haddad, we are delighted to release a series of draft worksheets to help companies with their governance activities. This material is sourced from Ibrahim’s book ‘Assessment Of Open Source Practices As Part Of Due Diligence In Merger and Acquisition Transactions’. You can get the full book for free on the Linux Foundation website.
The Draft Worksheets Cover
- Adaption of Business Processes
- Automation and Tool Support
- Community Contributions
- Compliance Process Management
- Compliance Staffing
- Discover of Open Source Software
- Obligation Satisfaction
- Open Source Software Inventory
- Policy
- Process Adherence
- Review and Approval of the Usage of Open Source Software
- Training
- Verification
As usual this additions to the OpenChain Project library are under CC-0. We look forward not only to your use of this material, but also your help in further improving it over time.
Get this guide and many more documents in the OpenChain Reference Library: https://github.com/OpenChain-Project/Reference-Material
SAN FRANCISCO, MARCH 5, 2020 – The OpenChain Project is delighted to announce that id est avocats is our latest partner organization. A boutique corporate and technology law firm based in Switzerland, id est avocats provides an exceptional bridge into industry sectors where OpenChain will become increasingly important.
id est avocats has a strong track record helping innovative businesses, successful entrepreneurs, top VCs and global brands navigate today’s digital world, and is also regularly trusted by large Swiss and international companies for their expertise in technology, life sciences and media sectors, but also in M&A transactions and financing.
“Open source has always been in the firm’s DNA; becoming a partner of OpenChain is for us a natural step” says Michel Jaccard, id est avocats’ founder and partner. “With its focus on excellence and on building positive long-term relationships, there is also a clear alignment in values between our firm and the OpenChain Project” adds Juliette Ancelle, who heads the IP practice at the firm.
The OpenChain standard defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. The companies involved in the OpenChain community number in the hundreds. The OpenChain standard is being prepared for submission to ISO and evolution from de facto into a formal standard this year.
“The OpenChain Project has a strong emphasis on ensuring the support infrastructure for adoption is as comprehensive as possible as we complete the ISO process,” says Shane Coughlan, OpenChain General Manager. “Michel Jaccard and the team at id est avocats have exceptional knowledge in this field and provide us with a substantial increase in coverage and knowledge throughout the OpenChain Partner Program.”
About id est avocats
id est avocats (www.idest.pro) is an award winning boutique law firm based in Switzerland, specialized in advanced technologies, intellectual property, corporate finance and acquisitions. The firm places industry knowledge at the heart of its activity and enjoys well-established relationships with global brands, prominent entrepreneurs, institutional investors, international groups and many CEOs and owners of businesses that it has assisted in growth, acquisitions, combinations, restructurings, and exits. The firm regularly interacts with law firms from across the world, and is well connected with multinational practices based in key European markets, in the United States and in Asia.
About the OpenChain Project
The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain. More information can be found at www.openchainproject.org.
About The Linux Foundation
The Linux Foundation is the organization of
choice for the world’s top developers and companies to build ecosystems
that accelerate open technology development and industry adoption.
Together with the worldwide open source community, it is solving the
hardest technology problems by creating the largest shared technology
investment in history. Founded in 2000, The Linux Foundation today
provides tools, training and events to scale any open source project,
which together deliver an economic impact not achievable by any
one company. More information can be found at www.linuxfoundation.org.
The Linux Foundation has registered trademarks and uses trademarks. For a
list of trademarks of The Linux Foundation, please see our trademark
usage page: https://www.linuxfoundation.org/trademark-usage.
Linux is a registered trademark
of Linus Torvalds.
Media Contacts:
OpenChain Project
Shane Coughlan
+818040358083
coughlan@linux.com
