The state of open source licensing clarity
And how to make FOSS license discovery a non-issue
Philippe Ombredanne is a passionate FOSS hacker, lead maintainer of the ScanCode toolkit, and on a mission to make FOSS code easier and safer to reuse with best-in-class open source tools for open source discovery, software composition analysis, and license & security compliance at https://aboutcode.org.
Philippe contributes to several other projects, including the Linux kernel SPDX-ification, the SPDX and ClearlyDefined projects, strace, and several Python tools, and previously contributed to JBoss, Eclipse and Mozilla. Philippe has also been a long-time Google Summer of Code mentor and org admin.
Work-wise, he is the CTO of nexB, a company that helps software teams track what's in their code with DejaCode, an open source governance and compliance dashboard.
In an ideal world, the provenance and open source license of third-party software would be available as easy-to-discover structured data. We are not there yet! We will review a detailed study on the clarity of license documentation practices in 5,000 popular open source software packages and infer the state of licensing clarity globally from the insights and statistics of the ClearlyDefined project data, obtained from massive license scans with the scancode-toolkit. We will also discuss what can be done to improve this situation.
I will present the state of the license documentation clarity in the open source community at large through the lens of:
- the introduction to the license clarity metrics we designed for ClearlyDefined and in the scancode-toolkit
- the presentation of a study of the license clarity of 5000 popular open source projects across multiple programming languages and ecosystems
- an overview of the statistics on license clarity across 10M packages
- a specific review of the licensing practices and license clarity statistics in openSUSE packages
- Date: 2020 October 16 - 20:30
- Duration: 30 min
- Room: Room 1
- Language:
- Track: Open Source
- Difficulty: Easy