There has been some work done over the past 6 months with the S&O group. @darius and @burke did quite a bit of research into what would need to happen technically for our communication channels, and @terry and myself met with the compliance & legal team at Mozilla to better understand the legal requirements and implications. Those discussions are here and here. The current status is that we are awaiting technical updates from the providers of the technologies we use for our communications, in order to be in compliance. For the code itself, we have decided to follow the Mozilla model to not address historical text in the code, as this becomes the responsibility of the person or organization downloading the code.
It would be great to hear other suggestions for addressing compliance! 