Skip to main content
All Posts By

Shane Coughlan

Coming Soon: OpenChain UK Work Group Meeting @ BBC – 2023-03-28

By News

The next OpenChain UK Work Group meeting will be kindly hosted by the BBC at their Salford studios in Media City on the 28th of March. Thank you to David Buckhurst and Tom Sadler at the BBC for arranging this. For those staying overnight, there is a tentative plan to gather for a meal in the evening. 

The Work Group meeting will start at around 1pm with lunch and the core event will start at 1:45 and run until 3:00. After that, we’re planning some additional activities, including a visit to the BBC’s famous “blue room”

To take part in this meeting place contact the organizers via the OpenChain UK Work Group mailing list:

Coming Soon: OpenChain Export Control Work Group – Third Meeting – 2023-03-07

By Featured, News

The OpenChain Export Control Work Group will hold its third meeting on the 7th of March at 08:00 UTC. The focus will be on reviewing the new volunteer project being set up at to help explore the continuation of Bert’s work on as a general community resource.

Zoom Meeting ID: 93456802267

One Tap Mobile

+13052241968,,93456802267# US
+16475580588,,93456802267# Canada

Coming Soon: OpenChain Japan – OSPO Local Meetup – 2023-03-10 and 2023-03-24

By News

OpenChain Japan – OSPO Local Meetups in collaboration with TODO Group will take place between 15:00 and 16:00 on 2023-03-10 and 2023-03-24. Join via Zoom to learn more about activities in this area.

Zoom Meeting ID: 84799126957 / パスワード: 3L3NNss1
( )

( No application for participation required, Participation required to follow an Antitrust Law, LF Code of Conduct, and Chatham House rules. )

議題 (Agenda):

OSPO ローカル ミートアップは、日本のオープン ソース プログラム オフィスの状況について話し合い、組織内でのオープン ソース戦略の採用を促進します。 TODO GroupとOpenChain Japan WPによるサポート。

OSPO Local Meetup to discuss the status of Open Source Program offices in Japan, and foster the adoption of an open source strategy within organizations. Supported by TODO Group and OpenChain Japan Working Group.

詳細は以下参照(See this URL for details)

Coming Soon: OpenChain Webinar #49 – FOSDEM Recap – 2023-03-06

By Featured, News

The next OpenChain Webinar will feature a FOSDEM recap by Philippe Ombredanne of NexB for everyone who did not attend the event in Belgium at the start of 2023. The webinar will take place between 10:00 and 11:00 UTC (11:00 CET – 12:00 CET) on the 6th of March 2023.

We will use the OpenChain Project Zoom room:

This call is open to every individual and company regardless of their membership of Linux Foundation or the OpenChain Project.

Check your timezone:
PDT United States Pacific UTC-07:00
UTC Coordinated Universal Time UTC
CET Central European Time UTC+01:00
IST India Standard Time UTC+05:30
CST China Standard Time UTC+08:00
KST Korea Standard Time UTC+09:00
JST Japan Standard Time UTC+09:00

Compare timezones:

Join via one tap mobile:
+86 10 8783 3177,,4377592799# Mainland China
+33 1 8699 5831,,4377592799# France
+49 69 7104 9922,,4377592799# Germany
+81 524 564 439,,4377592799# Japan
+82 2 3143 9612,,4377592799# Korea
+91 80 71 279 440,,4377592799# India
+886 (2) 7741 7473,,4377592799# Taiwan
+44 330 088 5830,,4377592799# UK
+13017158592,,4377592799# USA

Find your local country number:
Meeting ID: 437 759 2799

OpenChain Japan Work Group Meeting #26 (Hybrid #1) – Recording

By News

The first face-to-face OpenChain Japan Work Group meeting in three years was hosted by Hitachi Solutions and featured our usual exceptional schedule of case studies and discussion. Big thank you to Ayumi and team for providing a great place to bring the community together. You can check out all the main sections of the meeting in our recording (English and Japanese).

Interested in future events? Join our Japan Work Group mailing list:

OpenChain @ OpenAnolis Standardization SIG Meeting

By News

The OpenChain Project was invited by Max at Alibaba to present at the OpenAnolis Standardization SIG Meeting on the 25th of February event held between 15:00 ~ 18:00 CST. The focus was on explaining the current OpenChain specifications for open source license compliance and security assurance, and how the OpenChain community supports organizations of all sizes engaging with the open source supply chain.


The Anolis OS Standardization SIG and Anolis OS ecological partners jointly develop the Anolis OS standard. The Anolis OS standard is used to ensure the compatibility and consistency of Anolis OS in the upstream and downstream of the industry chain.

Learn More About Their Work

OpenChain Reference Library – Complete Overhaul

By Featured, News

The OpenChain Reference Library has been significantly updated to improve navigation. This is an administrative item that was pending for a while. Its completion should make it possible (and easy!) for anyone to access our library and find material. It should also make it a lot easier for our Education Work Group to assess and improve or expand existing material.

Access The Repository

The New Structure

Some Notes

This new structure is designed to overcome discoverability issues with the previous repository and to make it easier for continual improvement both of individual documents and for the navigation of the repository as a whole. This means that your feedback, suggestions and help are most welcome. You can leave feedback and ideas for improvement as GitHub issues or via our Education Work Group mailing list.

OpenChain @ Wikipedia

By Featured, News

The OpenChain Project is officially featured on Wikipedia in three languages:

  1. English
  2. French
  3. German

Example of the text in English:

ISO/IEC 5230 (known as OpenChain) is an international standard on the key requirements for a high-quality open source license compliance program. The standard was published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in late 2020. The standard is based on the Linux Foundation OpenChain Specification 2.1. It focuses on software supply chains, easier procurement and license compliance. Organizations that meet the requirements of the standard can self-certify to ISO/IEC 17021, from an accredited certification body or after successfully completing an audit.

We would love your help in reviewing and improving this new resource to help spread understanding of our standard for open source license compliance, and expanding our presence over time to include the OpenChain Security Assurance Specification. You can do so through the normal Wikipedia editing process. Here is an example for the English page.

Huge thanks to Marc-Etienne Vargenau at Nokia for leading this process. He put a lot of effort into making this happen, and is due great credit for helping to improve the supply chain through easily available educational material.

OpenChain OSPO Subgroup Meeting / TODO Local Meetup Minutes – 2023-02-17

By News

Original document here:

Want to be part of the next meeting? Join the mailing list:

  • Participants:
    • Owada, Daikoku, Fukuchi, Endo, Shima, Suzuki, Oyagi, Kobota, Koizumi, Motai, Watanabe, Kato, Hayashi, Kuwata
  • Date:
    • Friday, February 17, 2023 15: 00 -16: 00
  • Location:
    • Online


  • We would create an equally short and easy to understand FAQ to help creating OSPO and running
  • reference: OSS License FAQ Created by OpenChain Japan WG
  • ◇Future activities
    • Second Friday: OSS Strategy & OSS Hosting / Leader Motai
    • Fourth Friday: OSPO Launch & FAQ / Leader Owada
  • ◇Action
    • Future activities listed above will be disclosed on the LF Event site (Kuwata)
    • Sharing GGI materials ( Koizumi, Kobota)
    • From now on, the meeting rules will be explained at the beginning of the meeting.


  • ◇OSPO launch at a company and OSS document structure summary
    • a state of thirst for expert know-how, opinion, and advice
    • The OSS Licensing Institute site is useful
    • The problems that will be encountered during the OSPO startup phase,
    • I’d be happy if you could give me a Q & A or something.
  • C) Some come from OpenChain,
    • What OpenChain policy can’t do, it gets it out of the lab
    • I doubt if I can say that the FAQ collection is for OSPO.
  • Q) Do you want answers specifically tailored to your company?
    • Either you want a general answer or
  • A) There are companies that offer support,
    • Some companies get support from C-class people, but software development takes a different form if the company is a small part of the business, so I want to know the case
  • C)If it’s the former, I think other people might want it,
    • I thought the latter was a new point of view.
  • C) The former is close to what you once suggested on Lightning Talk.
  • C) You might want to join OpenChain
  • C) It would be nice to have a forum to mainly discuss how to set up OSPO.
  • C) Know-how to set up OSPO, in favor of creating best practices
    • I doubt if it can be compiled into a beautiful document, but I agree with the challenge of compiling it into an FAQ.
  • C) It is interesting to use a brief, FAQ as an example.
    • The TODO line has a lot of long sentences.
    • It’s interesting to challenge yourself to put it all together in a short sentence.
  • C) The checklist attached to the translated GGI may be close
  • C) I think the words that speak of OSPO go off on their own and think of different things in each.
    • It would be interesting if we could converge and go, it would help to create a common understanding.
  • C) If we can put it together, it will be useful when we explain to the high officials in each company.
  • Q) Do you do FAQs by format, or do you argue and then summarize?
  • A) How to extract Q first and then make a sentence before PPT
  • Q) Classified as OSPO launch and strategic use, OSPO launch?
  • C) If it’s about OSPO, it doesn’t have to be limited to the launch
  • C) Wouldn’t it be that from being able to answer “yes” and “no” easily, it would become a Q that simply can’t be answered when strategy and other things get higher?
  • C) OSPO activities come and go on stage with the same agenda
  • C) Every organization has its own OSPO, but it’s worth trying
  • C) I think we can make good things if we shape what we say in writing and discuss it again.
  • Q) Are we talking about giving GGI feedback?
  • A) We’re talking about a challenge to step away from GGI and try to sort through the FAQ
  • C) a good challenge to try because it’s easy to get started
  • C) There are some sentences in terms of the stance to be taken after the systematization of Europe, but I think it would be good to complement each other if we take the Japanese stance and approach.

■future plan

  • OSS Business strategy area
  • OSS hosting area
  • C) First, I wanted to know how many people wanted to do it.
  • So far, four have raised their hands.
  • C) Wouldn’t it be better to divide the first and second half of the month by themes?
  • Q) Is it not necessary to make a summary by adding only the month of reporting?
  • A) You don’t have to get together to report, the organizer just has to report in English once every three months what you could do in Japan.
  • C) It is better to decide who will read each.
  • C) Week 2 OSS Strategy & Hosting / Leader Motai
  • C) Week 4: OSPO launch / Leader Owada

★Publish the above to the LF Event site

  • C) Sharing Materials (Daikoku)
  • C) GGI materials also shared (Mr. Koizumi, Mr. Kobota)