Skip to main content


OpenChain Webinar #51 – An Update On ClearlyDefined

By News, Webinar

OpenChain Webinar #51 featured an update on ClearlyDefined by Nick Vidal at the Open Source Initiative (OSI). A lot has happened since we last covered this project for open source metadata, including the move to a new home at OSI.

About The Project

ClearlyDefined and its parent organization, the Open Source Initiative, are on a mission to help FOSS projects thrive by being clearly defined. Lack of clarity around licenses and security vulnerabilities reduces engagement – that means fewer users, fewer contributors and a smaller community.

As such, the goals of the project are to:

  • Raise awareness about this challenge within FOSS project teams
  • Automatically harvest data from projects
  • Make it easy for anyone to contribute missing information
  • Crowd-source the curation of these contributions
  • Feed curated contributions back to the original projects

Watch The Webinar

Check Out All Our Previous Webinars

OpenChain Webinar #50 – An Overview of SPDX 3.0

By News, Webinar

Our 50th webinar featured Alexios Zavras, Chief Open Source Compliance Officer at Intel Corporation and a long-term friend and collaborator around the OpenChain Project. This time the topic was SPDX 3.0, a significant generational update to SPDX, a sister standard to OpenChain ISO/IEC 5230 and OpenChain ISO/IEC DIS 18974.

SPDX is a Software Bill of Materials (SBOM) specification, so it operates one layer down from the fundamental processes outlined by OpenChain’s standards, and it provides an excellent way to meet our requirements for an SBOM to be used by companies. The second generation of SPDX has been an ISO/IEC standard for two years as ISO/IEC 5962. The third generation shows interesting promise as a way to manage license compliance, security and more.

Watch The Webinar

Check Out The Slides

Check Out All Our Previous Webinars

OpenChain Webinar #49 – FOSDEM Recap

By Featured, News, Webinar

This OpenChain Webinar featured a FOSDEM recap by Philippe Ombredanne of NexB for everyone who did not attend the event in Belgium at the start of 2023. In 2023 FOSDEM had over 8,000 participants and 771 presentations, making it one of the largest open source events in the world by a large margin. This webinar will be of particular interest to people exploring open source tooling for open source compliance or security.

OpenChain Webinar #48 – GPLv2 Licensing History

By Featured, News, Webinar

This OpenChain Webinar features an overview of GPLv2 licensing fragmentation based on research initiated by Philippe Ombredanne of NexB and continued by Armijn Hemel of Tjaldur Software Governance Solutions. The key takeaway is that a significant number of variations exist (40 “vanilla” copies from the FSF or GNU website, 12 with the Linux kernel linking exception in the Linux kernel), but the impact of these variations is nuanced. The requirements do not change but the variability may throw errors for automation and review. Process awareness is required.

Check Out All Our Past Webinars Here:

OpenChain Webinar #47 – OSSelot: The Open Source Curation Database

By Featured, News, Webinar

This OpenChain Webinar features OSSelot, an open source curation database recently launched by OSADL in Germany. This project addresses one of the most requested features around open source automation for open source compliance: an open, public database supporting SBOM (via SPDX ISO/IEC 5962) for common software packages. This could be a game-changer.

Check Out The Project Website:

OpenChain Webinar #46 – A WebAssembly Fireside Chat with Armijn Hemel

By Featured, News, Webinar

The 46th OpenChain Webinar is being released as a recording adjacent to the Open Compliance Summit keynotes here in Yokohama, Japan. 

This time we are having ‘A WebAssembly Fireside Chat with Armijn Hemel,’ unpacking work being done around WebAssembly, compliance and the questions lawyers can usefully ask.

Get the full report Armijn prepared for Linux Foundation here:

And in Japanese here: