Hello, My name is Thomas Doggett and I am a Supply Chain Risk Management Coordinator at NASA. As such, I ensure that all NASA acquisitions of Covered Articles comply with Section 208 of the Further Consolidated Appropriations Act, 2020, Public Law 116-94, enacted December 20, 2019. To do so, the Country of Origin (CoO) information must be obtained from the company that develops, produces, manufactures, or assembles the product(s). Specifically, identify the country where each of the following products were developed, manufactured, and assembled: Git GUI for Windows 2.30.0 If the CoO is outside the United States, please provide any information you may have stating that testing is performed in the United States prior to supplying products to customers. Additionally, if available, please identify all authorized resellers of the product(s) in question. Lastly, as required by Section 889 of the Fiscal Year 2019 National Defense Authorization Act (NDAA) please 1.) advise if the product(s) in question is/are not manufactured by, contain components manufactured by or substantial influence from prohibited entities - Huawei, ZTE, Hytera, Hikvision, and Dahua and their subsidiaries and affiliates, and, 2.) advise if your organization has the covered telecommunications and/or video surveillance equipment or services as a substantial or essential component of any system, or as critical technology as part of any system within the organization. Product / Service Description: Git GUI for Windows 2.30.0 Model Number (if applicable): 2.30.0 Country (or Countries) of Origin: [[please provide your answer here]] NDAA Section 889, Part A Compliant (Y, N, N/A) : [[please provide your answer here - (Y, N, N/A) ]] NDAA Section 889, Part B Compliant (Y, N) : [[please provide your answer here - (Y, N) ]] Is final testing performed in the United States?: Recognizing that these questions don't fit open source software very well, will add that I've tried some workarounds - like your affiliation with the Software Freedom Conservancy, but their entry on SAM.gov is expired (current entries would have NDAA attestations on them). For these purposes, the country of origin of software is the country where the software was compiled and converted into object code. Thanks, Thomas Doggett SCRM Analyst | NASA Supply Chain Risk Management (SCRM) Office of Cybersecurity Services (OCSS) Office of the Chief Information Officer (OCIO) "The cosmos is within us. We are made of star-stuff" - Carl Sagan (703).244.8719 https://inside.nasa.gov/ocio/security/OCSS/SCRM ;
