David Rudin over at Microsoft has written a great blog post unpacking how and why OpenChain Conformance was important to his company. Check out some highlights below and do take a moment to read the full post over at Microsoft’s official Open Source Blog.
Trust is key to open source. Developers should be able to trust users to respect their licensing choices. And when you receive software, you should be able to trust that the open source licenses were followed. The OpenChain Project plays an important role in building trust by setting standards that define how to operate a high-quality open source compliance program. It means that when you receive open source from a company that follows the OpenChain standard, you can be assured that the code went through a rigorous license compliance process. You can trust it.
At Microsoft we’re continually working with the community to help build and enhance trust in open source. When we first started working with OpenChain, our goal was to help develop a specification that could meet the compliance needs of the entire open source community – from the single developer to the largest enterprise. And today we’re happy to announce that Microsoft is now OpenChain 2.0 conformant.
The OpenChain Project is delighted to announce that we have official business cards and lanyards for our contributors around the world to use at events. We are releasing these today so that our vibrant community can proudly identify with our project while sharing leaflets, hosting booths and attending broader open source conferences.
SAN FRANCISCO, DECEMBER 12 – Today, the OpenChain Project announced Microsoft, a Platinum Member, is the latest company to achieve OpenChain conformance. This milestone is an example of how OpenChain can be an important part of building quality open source compliance programs that meet the needs of companies and that build trust in the ecosystem.
The OpenChain Project establishes trust in the
open source from which software solutions are built. It accomplishes
this by making open source license compliance simpler and more
consistent. The OpenChain Specification defines inflection points
in business workflows where a compliance process, policy or training
should exist to minimize the potential for errors and maximize the
efficiency of bringing solutions to market. The companies involved in
the OpenChain community number in the hundreds. The OpenChain
Specification is being prepared for submission to ISO and evolution from a
growing de facto standard into a formal standard.
“Open source compliance is a top priority for
Microsoft and we respect the license choices developers make”, said David
Rudin, Assistant General Counsel, Microsoft. “We value our partnership with
OpenChain to help build trust in the larger open source community. Through
investments in open source policy, tools to identify open source software, and collaboration
with the open source community in projects like OpenChain, the TODO Group, and
ClearlyDefined, we are committed to working with the community to develop and
share best practices for open source compliance.”
“Microsoft has been an exceptional contributor to the OpenChain Project both in terms of board engagement and in broader engagement with our work teams around the world,” says Shane Coughlan, OpenChain General Manager. “One of the defining aspects of the OpenChain industry standard is our broad applicability to companies of all sizes and in all sectors. It has been fantastic to work with Microsoft to understand the needs of the cloud and large enterprises, especially with regards to how some approaches differ to consumer electronic, infrastructure and other markets. The conformance announcement today is a milestone that greatly supports our evolution as we head into 2020 and underlines once again the value of our continued collaboration.”
About the OpenChain Project
The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.
About The Linux Foundation
The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.
The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.
Linux is a registered trademark of Linus Torvalds.
Big thanks are due to Andrew Katz and his teams at Moorcrofts and Orcro for preparing this material. As with all OpenChain reference material these slides are available under CC-O licensing, effectively public domain.
The second meeting of the OpenChain China Work Group is underway right now at the Baidu offices in Beijing. This event, kindly hosted and supported by our friends from companies like Baidu, Huawei and JD.com, provides a great opportunity to share notes and make plans ahead of 2020!
As you can see there are plenty of smiles alongside more serious discussions. It is also worth noting the gender balance in the room. Thank you China WG for leading the way!
Thanks to the tremendous work of Andrew Katz, his team at Moorcrofts, and the team at Orcro, the OpenChain Project offers an open source policy template to support our industry standard. This is a frequently requested aspect of our reference material and – as with all OpenChain reference material – it is available under CC-0 licensing, effectively public domain.
We are delighted to announce the release of the fourth OpenChain community interview. This time we had a chance to sit down with Maggie from Ladas and Perry, an active contributor to the OpenChain China Work Group, and a key figure in the broader Chinese open source technology community.
We have a terrific amount of activity in the OpenChain Project. A lot happens around our calls, where we often record audio and video, but we occasionally get asked for other formats too. Time and resources prohibit us from transcribing calls but there are some avenues to explore. Our conference provider offers automated transcriptions and today – for the first time – we are exploring how these may be shared with the community.
There are errors in the documents. We are providing a PDF and a Word document, the former for quick review, the latter to contribute fixes. Our goal is to test offering a new way to catch up on what happened. We are particularly interested in seeing if this provides utility to non-native English speakers.
Our test release is a transcript of Russ from GM – First Monday November – talking about how open source works in the US automotive space.
Shouldn’t the project focus on excellence and avoid releasing documents with typographical errors?
We are an open project with a global community. We work hard to make all of our official documentation clear, simple and free of errors. However, we also have a lot of other material, such as these automated transcripts, and we are experimenting with providing access.
Who would find this useful?
Non-native English speakers who may have difficulty understanding spoken English. Written English, even imperfect written English, may be useful.
One exciting outcome of the OpenChain Korea Work Group meeting # 4 was the release of our first Korean case studies. These case studies from SK Telecom and NCSoft cover Open Source Governance Organization approaches inside their respective companies. They are currently only available in Korean.
The fourth OpenChain Korea Work Group meeting took place on the 2nd of December 2019 at KTDS. This event was attended by around 20 people from 8 companies and marked the first release of Korean company case studies. Details below along with links to review our past meetings and to join our Korean mailing list.
The fifth meeting is scheduled for March 2020 at the Kakao offices in Seoul. Watch this space!
