Shane Coughlan

The SBOM Sub-Group of the OpenChain Japan Work Group has officially submitted their proposal for the inclusion of SPDX Lite in the forthcoming SPDX 3.0 standard for Software Bill of Materials.

SPDX Lite was originally included in SPDX 2.2 and became part of SPDX ISO/IEC 5962:2021 in August 2021.

SPDX Lite is designed to make it quick and easy to get started with a Software Bill of Materials in situations where a company may have limited capacity for introducing new items in their process management. It aims to balance the SPDX standard and actual workflows in some industries.

Learn More In The Official SPDX Project Pull Request

• https://github.com/spdx/spdx-3-model/pull/350/commits/e6e1dfbc9fdc33a70cde976b5af39af7d963dc92

The OpenChain Project releases presentations in English roughly every month to help with community outreach. You can find the full collection on our GitHub. June’s presentation comes in three variants:

• Corporate (minimal mascots)
• Cute (new 2023 mascots)
• Classic (our old penguin mascots)

Check Them Out Below

Corporate

Cute

Classic

Download The Slides

• https://github.com/OpenChain-Project/Reference-Material/tree/master/Overview-Presentations/en

As part of our outreach roadshow in China during May and June, the OpenChain Project is participating in-person at many events. However, time does not permit to attend all, and we are both fortunate and grateful to be able to continue the roadshow with recorded speeches for other critical events. For example, the excellent OpenAtom Global Summit will feature a speech by Shane Coughlan, OpenChain General Manager, as it runs from June 11th to 13th.

Shane Coughlan, OpenChain General Manager, has been connecting with new open source communities as part of his recent trip to China. After meeting with the leadership of Shanghai Open, and discussing ways we can work together, he recorded a special video greeting for the next meeting. As a unique twist, he attempted the first two sentences in China. We apologize for his complete failure to pronounce things properly.

The OpenChain Project is proud to announce that we are holding a community meetup on the 1st of June in Beijing. As you can see from the image above, a ton of organizations and companies are supporting this initiative. Our schedule includes international perspectives with Mary Wang, Director of Open Source Ecosystem at Volvo Cars in Sweden giving a key talk, as well as some great talks from local speakers.

Check Out The Event Website

• https://www.bagevent.com/event/openchain-meetup-2023

Eagle-eyed members of the community will have noticed new mascots appearing gradually over the last couple of weeks around the OpenChain Project material and events. These new mascots for 2023 have been created by Soim Kim of the OpenChain Korea Work Group, and represent a new way to add a playful feel to community outreach. The basic concept is pretty simple: around open source people often use penguins (like we have done for the past five years), but what about all the other wonderful creatures from cold climates? Snow foxes, polar bears and so many more? Well… OpenChain is here to the rescue. We are featuring them all! Over time it is hoped that we can build our new friends in various different poses to help make sure they offer great support to all that we do.

In the near term you will find them in plenty of variants already, and you can expect to see stickers, mugs, t-shirts and many more things appearing at events and at our work group meetings in the coming months. You can download our new images and play with them via the OpenChain GitHub repo for image assets:

• https://github.com/OpenChain-Project/Image-Assets/tree/master/Official/Mascots-2023

Naturally you can still use our traditional penguins too. These dear friends are part of our history and have provided a splash of color to all sorts of slides, handouts and other material.

You will always find them in the image assets repo as well:
https://github.com/OpenChain-Project/Image-Assets/tree/master/Official/Penguin-Images

The OpenChain Project community is an amazing place. We do a lot of corporate outreach, planning and execution. But we also do a lot of community meetings, events and workshops. Balancing our day-to-day work requirements and the additional opportunities for personal and professional networking is part of our DNA.

As per the previous meeting, work was focused on the supplier education leaflet. We are getting close to an updated release version and your review would be super useful. This document will be formatted for PDF distribution (as well as MarkDown final source), and is targeted towards being a “one attachment” way to get your suppliers up-to-speed on the basics needed for open source, compliance and security assurance.

Watch The Recording

Check Out The Current Draft

• https://docs.google.com/document/d/1GY-hF5HvNHqwXFiIZEmHqPuOVzvwzMq9Hs8uYBzVFp4/edit