Abstract
The Open Source Software development model has gained a lot of momentum in the latest years providing organizations and software engineers with a variety of software, components and libraries that can be exploited in the construction of larger application systems. Open Source Software is accompanied by licenses that state the conditions under which the intellectual property can be used. Since not all licenses are governed by the same conditions of use, the correct combination of licenses is vital, when different libraries are exploited in newly developed application systems. If this is not adequately handled, license violations might be a consequence of incompatibilities. In this paper we present our work on license violation checking in the framework of Software Package Data Exchange (SPDX). Starting from the modelling of license compatibilities our approach examines potential violations in software package information formatted using the SPDX specification. At the same time alternative solutions in the form of applicable licenses for the software package are proposed. This approach can be a valuable asset for Open Source practitioners in the license decision process assisting in detecting possible violations and in making suggestions on license use.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aksulu, A., Wade, M.: A comprehensive review and synthesis of open source research. Journal of the Association for Information Systems 11(11) (2010)
Alspaugh, T.A., Scacchi, W., Asuncion, H.U.: Software licenses in context: The challenge of heterogeneously-licensed systems. Journal of the Association for Information Systems 11(11) (2010)
Boyle, J.: The public domain: Enclosing the commons of the mind. Yale University Press (2009)
Colazo, J., Fang, Y.: Impact of license choice on open source software development activity. Journal of the American Society for Information Science and Technology 60(5), 997–1011 (2009)
Feller, J., Fitzgerald, B., et al.: Understanding open source software development. Addison-Wesley, London (2002)
German, D.M., Di Penta, M., Davies, J.: Understanding and auditing the licensing of open source software distributions. In: 2010 IEEE 18th International Conference on Program Comprehension (ICPC), pp. 84–93. IEEE (2010)
German, D.M., Manabe, Y., Inoue, K.: A sentence-matching method for automatic license identification of source code files. In: Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, pp. 437–446. ACM (2010)
Gobeille, R.: The fossology project. In: Proceedings of the 2008 International Working Conference on Mining Software Repositories, pp. 47–50. ACM (2008)
Lerner, J., Tirole, J.: The scope of open source licensing. Journal of Law, Economics, and Organization 21(1), 20–56 (2005)
Linux Foundation and its Contributors: A Common Software Package Data Exchange Format, version 1.2 (2013), http://spdx.org/sites/spdx/files/spdx-1
Madanmohan, T., et al.: Notice of violation of IEEE publication principles open source reuse in commercial firms. IEEE Software 21(6), 62–69 (2004)
Mancinelli, F., Boender, J., Di Cosmo, R., Vouillon, J., Durak, B., Leroy, X., Treinen, R.: Managing the complexity of large free and open source package-based software distributions. In: 21st IEEE/ACM International Conference on Automated Software Engineering, ASE 2006, pp. 199–208. IEEE (2006)
Rosen, L.: Open source licensing: Software Freedom and Intellectual Property Law. Prentice Hall PTR (2004)
Tuunanen, T., Koskinen, J., Kärkkäinen, T.: Automated software license analysis. Automated Software Engineering 16(3-4), 455–490 (2009)
Wang, H., He, H., Yang, J., Yu, P.S., Yu, J.X.: Dual labeling: Answering graph reachability queries in constant time. In: Proceedings of the 22nd International Conference on Data Engineering, ICDE 2006, pp. 75–75. IEEE (2006)
Wheeler, D.A.: The free-libre/open source software (floss) license slide (2007), http://www.dwheeler.com/essays/floss-license-slide.pdf
Xu, H., Yang, H., Wan, D., Wan, J.: The design and implement of open source license tracking system. In: 2010 International Conference on Computational Intelligence and Software Engineering (CiSE), pp. 1–4. IEEE (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kapitsaki, G.M., Kramer, F. (2014). Open Source License Violation Check for SPDX Files. In: Schaefer, I., Stamelos, I. (eds) Software Reuse for Dynamic Systems in the Cloud and Beyond. ICSR 2015. Lecture Notes in Computer Science, vol 8919. Springer, Cham. https://doi.org/10.1007/978-3-319-14130-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-14130-5_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14129-9
Online ISBN: 978-3-319-14130-5
eBook Packages: Computer ScienceComputer Science (R0)