Shane Coughlan, General Manager of the Linux Foundation OpenChain Project, Keith Bergelt, OIN CEO, take a look at open source expectation & Open Source Software (OSS)-related behavior in the supply chain ecosystem for virtually every business and every industry in this week’s Open Source For You magazine.
SAN FRANCISCO MARCH 24, 2020 – Today the
OpenChain Project welcomes Lex Pan Law and Opsequio as our latest official
partners. Lex Pan Law, a technology law firm based in the United States, has a long
and deep background in intellectual property and free and open source
licensing, as well as other associated corporate and business law issues like
securing patent, copyright and trademark protection, IP portfolio strategy and
development, strategic technology licensing, IP asset assessment and mergers
& acquisition.
Opsqeuio (www.opsequ.io), a virtual open source program office (OSPO) services
company also based in the United States, has a long background in setting up
and running software provenance and open source compliance programs in high
technology organizations, and its services are designed to provide consultation
and coverage for small-to-medium-sized organizations not yet ready to set up
their own internal OSPO, and supplemental support for larger companies which
have an existing OSPO.
Their partnership with the OpenChain Project marks another milestone in building out global support for user companies adopting our industry standard for open source compliance and provides a local resource for companies and organizations in the Pacific Northwest region of North America looking to adopt OpenChain practices or to become OpenChain conformant.
“OpenChain provides a wealth of resources for companies and organizations looking to adopt industry-leading practices around software compliance,” says McCoy Smith, Founding Attorney of Lex Pan Law and Founder of Opsequio. “As someone who has followed the development of OpenChain as a standard and as a community since its inception, I am thrilled for Lex Pan Law and Opsequio to become part of that community, and to help our clients and customers to take full advantage of everything OpenChain has to offer.”
“As OpenChain has seen increased adoption
globally there has been a steady push for expanding the network of support
available for user companies refining their compliance programs,” says Shane
Coughlan, OpenChain General Manager. “Our relationship with Lex Pan Law and
Opsequio continues to bolster our position in both the North American and
global market, particularly in the growing tech hubs in the Pacific Northwest, and
it also formalizes our cooperative relationship in a manner aligned with the
project’s strategic goals. I am looking forward to close collaboration with Lex
Pan Law and Opsequio as we support our user companies in the global rollout of
the OpenChain standard in the supply chain and the acceptance of OpenChain as
an ISO standard later this year.”
About Lex Pan Law & Opsequio
Lex Pan Law (www.lexpan.law) is a full-service technology
and intellectual property law firm, based in Portland, Oregon, USA, with over
35 years of experience in virtually every facet of technology and law,
including extensive experience and community contacts in the free and open
source licensing world (including software, hardware, and content). Opsequio (www.opsequ.io) offers virtual open source
program office services, and has close to 20 years of experience in setting up,
managing, and growing an open source program office in a multinational Fortune
50 technology company. Both organizations are led by McCoy Smith, a leading
speaker and author on intellectual property issues and their intersection with
free and open source licensing. He is on
the editorial board of the Journal of Open Law, Technology & Society
(www.jolts.world).
About the OpenChain Project
The OpenChain Project builds trust in open
source by making open source license compliance simpler and more
consistent. The OpenChain Specification defines a core set of
requirements every quality compliance program must satisfy. The
OpenChain Curriculum provides the educational foundation for open
source processes and solutions, whilst meeting a key requirement of
the OpenChain Specification. OpenChain Conformance
allows organizations to display their adherence to these requirements. The
result is that open source license compliance becomes more
predictable, understandable and efficient for participants of the
software supply chain. More information can be found at www.openchainproject.org.
About The Linux Foundation
The Linux Foundation is the organization of
choice for the world’s top developers and companies to build
ecosystems that accelerate open technology development and industry
adoption. Together with the worldwide open source community, it is solving the
hardest technology problems by creating the largest shared technology
investment in history. Founded in 2000, The Linux Foundation today
provides tools, training and events to scale any open source project,
which together deliver an economic impact not achievable by any
one company. More information can be found at www.linuxfoundation.org.
The Linux Foundation has registered trademarks and uses trademarks. For a
list of trademarks of The Linux Foundation, please see our trademark
usage page: https://www.linuxfoundation.org/trademark-usage.
Linux is a registered trademark
of Linus Torvalds.
The OpenChain Project has a substantial presence on GitHub. We use our space to store core documents like the project charter and specification, our growing library of reference material under CC-0 licensing, and other material like our project image assets. This allows our global community to quickly access, share and improve all aspects of our work.
We have recently been expanding the membership of our project repositories and we would be delighted to welcome you too. As of today, with 76 members and 34 pending invitations, we have a diverse community of technical, legal and management experts sharing knowledge to make open source compliance easier, faster and better.
The Open Compliance Summit is held annually in Japan. It is an exclusive 2-day event for Linux Foundation members and select invitees that provides an excellent opportunity for organizations to share knowledge around open source compliance. This conference is designed to build connections that streamline interactions between companies of all sizes in all sectors.
We had a great event on the 17th and 18th of December 2019 and – given our position as the key event globally focused on open source compliance – we ran a survey from attendees. Here are the results.
All of this feedback will be going into making the 2020 event event better. Thank you everyone!
The OpenChain Reference Tooling Work Group meets on a bi-weekly schedule via teleconference to discuss one of the most pressing issues around open source compliance: how do we automate as much as possible? The work group has been active since summer 2019 mapping out how references toolchains can be described and shared, helping companies exploring automation with open source to begin engagement with the field. The core concept behind the work group is to create a situation where any company wishing to use open source tooling for open source compliance can do so, and making it clear where interoperability is focused for companies operating a hybrid approach of proprietary and open source tools.
Today the OpenChain Project is releasing a community contribution from Ibrahim Haddad covering metrics that can be applied to evaluate source code scanning tools. This is a timely topic, given the amount of discussion around our global community around automation, and the initial release of this document is intended to encourage discussion about what a final, official OpenChain reference document could contain.
The fifth meeting of the OpenChain Korea Work Group will take place as a remote conference call at 2pm on the 19th of March. All interested parties are invited to attend and to help make the first major meeting in Korea this year a success. Topics will include a review of open source use in enterprises, an exploration a new ‘Introduction to OpenChain’ manual published by NIPA, and a collaborative round-table session on Bill of Material tracking.
Join the Meeting
Schedule: 2020-03-19 (Thu) 2:00~ pm
How to join on PC (1) PC에서 https://uberconference.com/openchainproject 접속 (2) Your Name 입력 후, “Join audio-only” 클릭하여 방에 입장 (3) Confirm settings 화면에서 마이크와 스피커 설정 확인 후 > Join conference
How to join on Phone (1) 핸드폰에서 02-6022-2388로 전화 (2) 855 889 3011 # 입력