Complex Made Simple: The State of Governance in Open Source
圆圆
/
发布于
/
2034
人观看
Clear governance, a shared understanding of process and rules, is key to the success of open source adoption at scale. Our global community represents many perspectives, many cultures, and many jurisdictions. To address these we have seen the emergence of overarching principles, practical guides and effective tools that support the necessary balance of flexibility and shared trust. This talk will focus on the key open source solutions that address real-world challenges. It will highlight a stack of solutions that includes OpenChain, SPDX, Reuse.Software, FOSSology, ScanCode, sw360, ClearlyDefined and QuarterMaster and explain how they work together at a high level (e.g OpenChain standard) to practical tooling (e.g QuarterMaster CI/CD).
展开查看详情
1. Complex Made Simple
www.openchainproject.org
�
2.“How do I trust my open source supply chain?”
2
�
3.There are three parts to OpenChain Project:
1. Specification
2. Conformance
3. Curriculum
3
�
4.The OpenChain Specification defines the requirements
for a quality compliance program.
4
�
5. Training
Inbound Policy Outbound
Process
5
�
6.
The OpenChain Specification confirms a company has
open source processes, policies and training.
Companies have the flexibility to decide each specific
process, policies and training.
6
�
7.Common requirements for suppliers and customers
makes everything simpler.
Learn more here:
https://www.openchainproject.org/spec
7
�
8.OpenChain Conformance allows organizations to show
they meet these requirements.
8
�
10.If a company can answer Yes to each question they are
OpenChain Conformant.
Learn more here:
https://www.openchainproject.org/conformance
10
�
11.The OpenChain Curriculum provides reference open
source processes and solutions.
Learn more here:
https://www.openchainproject.org/curriculum
11
�
15.The OpenChain Curriculum can be used for any open
source training program.
Learn more here:
https://www.openchainproject.org/curriculum
15
�
16.The goal is to build trust by having organizations
conformant with the OpenChain Specification.
16
�
17.Companies supporting OpenChain:
• Adobe • HPE
• ARM Holdings • Qualcomm
• Cisco • Siemens
• Comcast • Sony
• GitHub • Toyota
• Harman International • Western Digital
• Hitachi • Wind River
2017 17
�
18.Work Teams supporting OpenChain:
1. Specification - Chaired by Mark Gisi (Wind River)
2. Conformance - Chaired by Miriam Ballhausen (SCA)
3. Curriculum - Chaired by Alexios Zavros (Intel)
4. Onboarding - Chaired by Nathan Kumagai (Qualcomm)
18
�
19.Coming in 2018:
Supply chain adoption
19
�
20.Coming in 2018:
New reference material
20
�
21.Coming in 2018:
A specification review process
21
�
22.Be part of this
Join the community:
https://www.openchainproject.org/community
Self-certify your organization:
https://certification.openchainproject.org
22
�
23. Questions?
OpenChain Project - The Linux Foundation 2017 23
�
