Microsoft Joins OpenChain Open-Source Compliance Group
OpenChain, I would argue, is the most important open-source project you've never heard of before. This Linux Foundationconsortium provides an industry standard for open-source supply chain license compliance. And now, Microsoft has joined the the OpenChain Project.
OpenChain's important because the open-source software supply chain goes from companies that are little more than a single developer in his home office to multi-billion dollar businesses. Within it, there are tens of thousands of programs with a wide variety of open-source software licenses. So, how can companies trust and manage all the code's legal requirements? The answer is with OpenChain.
As the OpenChain project manager Shane Coughlan explained, "The basic idea was simple: Identify key recommended processes for effective open source management. The goal was equally clear: Reduce bottlenecks and risk when using third-party code to make open-source license compliance simple and consistent across the supply chain. The key was to pull things together in a manner that balanced comprehensiveness, broad applicability, and real-world usability."
Read more at ZDNet