The SBOM Sub-Group of the OpenChain Japan Work Group has officially submitted their proposal for the inclusion of SPDX Lite in the forthcoming SPDX 3.0 standard for Software Bill of Materials.
SPDX Lite is designed to make it quick and easy to get started with a Software Bill of Materials in situations where a company may have limited capacity for introducing new items in their process management. It aims to balance the SPDX standard and actual workflows in some industries.
Learn More In The Official SPDX Project Pull Request
NORDEMANN, a law firm based in Germany, is the latest official OpenChain Partner. Based in Berlin, NORDEMANN combines a team with a long pedigree of legal provision with a clear, modern vision for making the complex simple.
“NORDEMANN as an IP/IT boutique law firm from Germany is committed to excellence in its work for its clients, such as IT companies and other industries using open source and contributing to such projects”, says founding partner Christian Czychowski, Honorary Professor at the University of Potsdam. “We are happy to now underline such excellence by having been accepted as partner of the renown OpenChain industry standard for open source compliance. By that can be part of this great community around the globe that sets the rules which help to build the all important trust in supply chains.”
“We are delighted to welcome the NORDEMANN team to the our official partner program,” says Shane Coughlan, OpenChain General Manager. “The availability of reputable legal advice is a key pillar in the effective market growth of our standards for open source license compliance and security assurance. The delivery of more choice in the German market marks a further milestone in the maturity of the OpenChain ecosystem.”
The OpenChain Project releases presentations in English roughly every month to help with community outreach. You can find the full collection on our GitHub. June’s presentation comes in three variants:
As part of our outreach roadshow in China during May and June, the OpenChain Project is participating in-person at many events. However, time does not permit to attend all, and we are both fortunate and grateful to be able to continue the roadshow with recorded speeches for other critical events. For example, the excellent OpenAtom Global Summit will feature a speech by Shane Coughlan, OpenChain General Manager, as it runs from June 11th to 13th.
Shane Coughlan, OpenChain General Manager, has been connecting with new open source communities as part of his recent trip to China. After meeting with the leadership of Shanghai Open, and discussing ways we can work together, he recorded a special video greeting for the next meeting. As a unique twist, he attempted the first two sentences in China. We apologize for his complete failure to pronounce things properly.
The OpenChain Project is proud to announce that we are holding a community meetup on the 1st of June in Beijing. As you can see from the image above, a ton of organizations and companies are supporting this initiative. Our schedule includes international perspectives with Mary Wang, Director of Open Source Ecosystem at Volvo Cars in Sweden giving a key talk, as well as some great talks from local speakers.
Eagle-eyed members of the community will have noticed new mascots appearing gradually over the last couple of weeks around the OpenChain Project material and events. These new mascots for 2023 have been created by Soim Kim of the OpenChain Korea Work Group, and represent a new way to add a playful feel to community outreach. The basic concept is pretty simple: around open source people often use penguins (like we have done for the past five years), but what about all the other wonderful creatures from cold climates? Snow foxes, polar bears and so many more? Well… OpenChain is here to the rescue. We are featuring them all! Over time it is hoped that we can build our new friends in various different poses to help make sure they offer great support to all that we do.
In the near term you will find them in plenty of variants already, and you can expect to see stickers, mugs, t-shirts and many more things appearing at events and at our work group meetings in the coming months. You can download our new images and play with them via the OpenChain GitHub repo for image assets:
Naturally you can still use our traditional penguins too. These dear friends are part of our history and have provided a splash of color to all sorts of slides, handouts and other material.
The OpenChain Project community is an amazing place. We do a lot of corporate outreach, planning and execution. But we also do a lot of community meetings, events and workshops. Balancing our day-to-day work requirements and the additional opportunities for personal and professional networking is part of our DNA.
As per the previous meeting, work was focused on the supplier education leaflet. We are getting close to an updated release version and your review would be super useful. This document will be formatted for PDF distribution (as well as MarkDown final source), and is targeted towards being a “one attachment” way to get your suppliers up-to-speed on the basics needed for open source, compliance and security assurance.
The goal is to ensure people can understand options. We will not be prescriptive and these model provisions will remain part of the OpenChain reference material. They will not be included in the standards themselves.
The OpenChain Project, in collaboration with CAICT, SecTrend and Huawei, will host a governance conference in Shenzhen on the 3rd of June. We have a stellar schedule that will cover all aspects of open source management and processes. Shane Coughlan, OpenChain General Manager, will be there to provide a global perspective, and our local speakers will provide deep insight into matters of key strategic concern to the Chinese market.