This is an “outcome” webinar from the OpenChain and Friends event in Stuttgart, Germany, in April 2025. Our focus was on recent advances in the open source and open data AboutCode stack for licensing and security compliance. Our speaker was a good friend of the OpenChain Project, and the founder…
Oscar Goñi (Quique) discussed research around LLM generated code and the potential for risks associated with open source license compliance. This event looked at source code similarity detection via open source tooling. Watch the Webinar: https://youtu.be/IlvGsxMvjh0 Abstract: Oscar Goñi (Quique) has investigated source code similarity detection in Large Language Model…
What We Covered: The OSS Review Toolkit (ORT) is a FOSS policy automation and orchestration toolkit that you can use to manage your (open source) software dependencies in a strategic, safe and efficient manner. This webinar digs into how the Erlang Ecosystem Foundation (EFF) makes use of this tool to…
What We Covered: Open source software providers are facing a triple threat: tightening US and EU regulations, rising IP litigation, and the risks introduced by Gen AI. Soon, your board—and your customers and suppliers— might be asking that you have specific insurance that actually covers OSS-related liabilities. But, does such…
What We Covered: This webinar provided an introduction to DeepSeek, covering its technical highlights, history, the company, and their vision. Our presenter was Jerry Tan, a long-time contributor to the open source ecosystem in China, and Executive Vice Secretary-General of the China Open Source Promotion Union (COPU). Watch the Webinar: …
https://youtu.be/MrcfFWcIy6c What We Covered: The Cyber Resiliency Act (CRA) is coming and this European regulation will impact software development worldwide. Organizations (and projects) of all sizes need efficient compliance processes to correctly identify software components and strengthen cybersecurity efforts. The AboutCode stack of 100% open source tools and open data…
When walking into a shop, there’s a lot of choice for electronic devices like WiFi routers, IP cameras, and more. Many devices are identical, or nearly so, as they come from the same manufacturer or use the same chip and code from the chipset manufacturer. CVEs, however, often focus on…
We had an insightful session with Dawn Foster on sustaining OSS projects and communities over the long-term. The CHAOSS project has been creating a series of MIT-licensed Practitioner Guides focused on improving the sustainability of our software and communities. The guides are designed to make it easier for people to…
We have been doing source level license scans for Linux Foundation (LF) projects for a long time including generating SPDX formatted files, but what about SBOMs that can meet (and exceed) the government minimum specification? Here at the LF, we are now leveraging our existing scanning capabilities to generate SBOMs…
When we think about Software Build of Materials, we are looking at what might be a multi-dimensional space consisting of hierarchy, linking, modification, export restrictions, security vulnerabilities, distribution type, versions, etc. Care must be taken when setting up the SBOMs to both list the components used and to show how…
You may also want to check out our community interview series >
© 2025 OpenChain. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use
