ClearlyDefined has a new community manager! Nick Vidal has joined the project hosted by the Open Source Initiative (OSI) that helps Open Source projects thrive by putting essential licensing data at teams’ fingertips. Vidal comes with 20 years of experience developing Open Source communities and will lead ClearlyDefined to its next phase. He previously served as the director of community and business development at the OSI and director of Americas at the Open Invention Network. Currently he is chair of the outreach committee of the Confidential Computing Consortium from the Linux Foundation.
Vidal joins the project as we celebrate its five year anniversary and the 25th anniversary of OSI. The goal of ClearlyDefined is to bring clarity around licenses and security vulnerabilities to Open Source projects. It provides a mechanism for harvesting available data about Open Source projects using tools such as ScanCode and FOSSology, and facilitates crowd-sourcing the curation of that information when ambiguities or gaps arise.
A lot has changed in the first years of ClearlyDefined, and we’re excited for what the future holds. The ClearlyDefined community has grown to include individuals from organizations such as Microsoft, SAP, Bloomberg, Qualcomm, HERE Technologies, Amazon, nexB, the Eclipse Foundation, and Software Heritage. Together, the community has successfully built a robust software system that is accessible through an open API. The number of definitions in ClearlyDefined has doubled year over year. With a redesigned UI, the data is displayed in a more user-friendly way, making it easier to understand and consume.
Even with all its growth, there’s a lot of room for further improvements as we look ahead to the next five years. Ever since the Log4Shell vulnerability, governments and organizations from around the world have come to realize the essential role Open Source plays in society, given its pervasiveness in the cloud, mobile devices, IoT and critical infrastructure. Clarity around licenses and security vulnerabilities of Open Source projects has become a key concern.
As community manager, Vidal will continue to grow a healthy community of individuals and organizations dedicated to tackling this community-wide concern. Projects ClearlyDefined will be collaborating with include OpenSSF’s Alpha-Omega, Core Infrastructure Initiative, OpenChain, SPDX, FOSSology, OSS Review Toolkit, Automating Compliance Tooling, Sigstore, Supply chain Levels for Software Artifacts (SLSA), Eclipse’s SW360, OWASP’s CycloneDX and OASIS’ Common Security Advisory Framework.
As we celebrate the triumph of Open Source software on its 25th anniversary, at the same time must acknowledge the great responsibility that its pervasiveness entails. Open Source has become a vital component of a working society and there’s a pressing need to bring clarity around licenses and security vulnerabilities to Open Source projects. With contributions from ClearlyDefined and the Open Source community at-large, the future of Open Source is bright and clear.