OSPO OnRamp

OSPO OnRamp

The OSPO OnRamp meeting series provides a low-threshold entry point for organisations that want to exchange and learn about the basics on how to set up an Open Source Program Office and get started into open source.

The 90 minute meeting is planned in a monthly cadence and will mainly consist of two parts.

In the first part an invited presenter will share experiences, lessons learned and other cool stuff. We plan to record this part of the meeting and to upload the recording later at the OSPO OnRamp website for later reference. This way we hope to gather and retain valuable information for the community.

In the second part of the meeting we would like to provide a trustful and protected environment where all participants can openly share and discuss their challenges, problems or other actual topics around establishing Open Source in their respective organisations. This part of the meeting will be held according to the Chatham House Rules. Therefore there will be no recording of this part of the meeting.

🌐 Link to meeting - click to join

Past meetings: you can find all available recordings and available content from the previous meetings πŸ”„ here.

Next meeting(s)

Meetings are scheduled for every third Friday of every other the month from 10:30-12:00 CEST.

In this session we will explore the process of defining the strategic benefits expected from an open source strategy, how they map to both internal (organisational) and external (political) agendas. We’ll look at implementing this strategy as both open source and InnerSource cultures and how to drive that culture change. During the presentation we’ll hear what hurdles appeared on the road, and what worked well to move forward.

You can import this specific session into your calendar with this πŸ“… ICS file


  • πŸ“… Friday, November 21st, 10:30-12:00 CET
    πŸŽ™οΈ Philippe Ombredanne, Lead Maintainer of AboutCode.
    πŸ“œ How Package-URL (PURL) transforms OSPO operations.

Software supply chains are increasingly complex with dependencies spanning multiple package managers, programming languages, and distribution mechanisms. Inconsistent package identification impedes accurate and timely vulnerability tracking, license compliance, and security analysis.

Open Source Program Offices face unique challenges in managing enterprise-wide open source adoption while ensuring compliance, security, and governance. Package-URL (PURL) addresses these challenges. As the open standard for the universal, unambiguous identification for software packages across all ecosystems, PURL offers a simple yet powerful URL-like syntax that uniquely identifies packages from npm and PyPI to container images and operating system packages, enabling unprecedented visibility and control over software supply chains.

For OSPOs, PURL transforms operations by enabling unified license compliance across all ecosystems, faster vulnerability correlation and incident response, consistent approval workflows for diverse development teams, and vendor-neutral tooling integration. In this session, PURL creator Philippe will share PURL’s origin story and evolution and practical strategies for implementing PURL to transform their OSPO for proactive, integrated supply chain management.

You can import this specific session into your calendar with this πŸ“… ICS file


  • πŸ“… Friday, December 19th, 10:30-12:00 CET
    πŸŽ™οΈ Clare Dillon, CURIOSS Community Lead at CURIOSS.
    πŸ“œ Team Topologies and Value Paths for OSPOs and ISPOs.

You can import this specific session into your calendar with this πŸ“… ICS file


For your convenience, we provide:

  • πŸ—“οΈ an online calendar. Click this link to open it.
  • ‡️ a way to add them dynamically to your own calendar app and stay up to date. Add to your calendar app an Internet calendar using this link.

Mailing list

All news, infos and updates will be shared on the OSPO OnRamp mailing list.

Please subscribe at https://framalistes.org/sympa/info/ospo.onramp.

Meeting topics

We would love to see topic proposals for the meeting via the maillinglist. The following list can be seen as starting point, which we will extend based on the community input:

  • How to select the “right” open source project for adoption and contributions.
  • How to identity sustainable, secure open source projects with respect also to processes and documentation.
  • How to attract/raise interest of the C-Level management for a dedicated Open Source strategy.
  • How to ease the formal “entry barriers” for developers to join open source activities.
  • How to engage with the Open Source community as a company.

We don’t plan to establish a formal voting process but confirming interest into proposed projects via the mailing list will help us to identify the most relevant topics for the community.

Initially we will reach out to the OSPO Alliance network to identify speakers, who are willing to share insights from their perspective, but mid- to long-term we hope that the community itself will identify the right speakers for upcoming meetings.

Additional Resources

Resources coming from different Open Source and/or OSPO communities and Open Source professionals to help people advance in their open source journey.

Guides and books: