Lecture: Fossology, the X-ray radioscopic equipment for the analysis of Open Source Packages


The use of open source software involves open source licenses, which define the authors' intentions regarding use of the software. With a growing number of both licenses and open source packages, an open source tool for analyzing software and its licenses provides crucial support. The Fossology project provides such analysis. The presentation will explain recent conceptual and technical changes to the Fossology project.

For the analysis of open source licenses, the Fossology software has been extended in recent months with a three-way strategy in mind:
• Providing efficient scan approaches to identify licenses in the open source package. Identifying licenses in open source software can be, depending on the actual project, a tedious task: today, many variants and versions of open source licenses are published. The technical challenge lies in precisely determining the particular variant or version of a license and excluding other possibilities with as little manual inspection effort as possible.
• Nevertheless, manual inspection is inevitable, for example for new, unknown or author-specific licenses. This is also the rationale behind the recently updated SPDX standard, which distinguishes between found and concluded licenses when it comes to determining the actual license condition. As a result, the next challenge to solve is: how to provide an efficient UI when potentially dealing manually with thousands of files with license information?
• Reuse of license decisions can lead to a much lower manual inspection effort for future scans and thus is key for easier open source adoption. On the other hand, the need to reuse only applicable decisions carefully, while leaving open points for clarification, requires a conservative reuse strategy.
The Fossology open source software has evolved to cover the above, which includes new approaches and a number of technical adaptations. The presentation will also cover collaboration aspects of contributing to the Fossology community and an outlook on how license analysis will evolve in the future.