Google, Facebook and Uber are joining the Linux Foundation’s OpenChain open source licensing project, taking their place 13 other companies, including GitHub, Adobe, Cisco, Comcast and others, the foundation announced at the Open Compliance Summit in Yokohama, Japan, this week.
As platinum members, the companies will gain seats on the OpenChain Governing Board, providing additional insight at a time when the project is moving toward formalizing its standing as an industry standard.
OpenChain provides a standard for ensuring companies comply with the numerous and varied open source licenses at play within their supply chain. According to OpenChain general manager Shane Coughlan, OpenChain does this not through a prescriptive approach, but rather through an economic one, wherein customers choose suppliers that are able to prove their compliance. Were OpenChain to be overly prescriptive, Coughlan said, it would be unable to keep up with the demand and the standard wouldn’t be suitable for companies of different sizes and industries.
“OpenChain is designed for every company of every size in every market,” Coughlan said. “The idea is, customers can say to suppliers, ‘I see you’re conformant, can you show me your compliance artifacts?’ and in this sense, OpenChain, as a standard, has its auditive capacity through the economics of the supply chain itself. It allows companies of different sizes to address open source compliance in a manner appropriate to their market and situation. OpenChain identifies the key requirements, but leaves plenty of flexibility for companies to determine the specifics.”
The new companies will further add to the diversity of its current board, which already spans various industries with members such as Toyota, Siemens, Sony and Toshiba.
“You’ll notice that Adobe is our only cloud-first company, until today. OpenChain is meant to be applicable to all market sectors and this provides us a huge amount of knowledge in multiple areas and markets,” said Coughlan. “Facebook, Google and Uber are organizations with great experience around standardization as we go to the next level and build out OpenChain even further.”
Beyond expanding the project’s board, Facebook, Google and Uber also help expand OpenChain’s influence in the world of open source, as all three companies are extensive participants in the open source community and operate some of the world’s largest data centers, platforms and cloud infrastructure powered by a vast array of open source software and hardware.
Alongside the announcement of these new members, the project also announced its Open Compliance Program with the Linux Foundation, which acts as a portal to Linux Foundation projects that offer reference material and assistance for companies and individuals seeking to use open source software in a compliant fashion. Similarly, OpenChain offers both a curriculum of training and reference materials for open source compliance, as well as a free, online self-certification.
In the end, Coughland explained, the OpenChain specification is “conceptually similar to standards like ISO 9000” and guarantees that companies have processes in place, but not the specific form those processes take. Indeed, much of today’s announcement, he said, was a precursor to the projects push toward becoming a formal standard in 2019, with the next update coming in April.
The Linux Foundation is a sponsor of The New Stack.
Feature image via Pixabay.