research-article

An insight into license tools for open source software systems

Authors:

Georgia M. Kapitsaki,

Nikolaos D. Tselikas,

Ioannis E. FoukarakisAuthors Info & Claims

Journal of Systems and Software, Volume 102, Issue C

Pages 72 - 87

https://doi.org/10.1016/j.jss.2014.12.050

Published: 01 April 2015 Publication History

Abstract

We provide a licensing comparative overview of existing assistive approaches/tools.License identification tools present a more mature current state.License compliance requires the collaboration of various techniques.License graphs are useful in detecting license conflicts. Free/Libre/Open Source Software (FLOSS) has gained a lot of attention lately allowing organizations to incorporate third party source code into their implementations. When open source software libraries are used, software resources may be linked directly or indirectly with multiple open source licenses giving rise to potential license incompatibilities. Adequate support in license use is vital in order to avoid such violations and address how diverse licenses should be handled. In the current work we investigate software licensing giving a critical and comparative overview of existing assistive approaches and tools. These approaches are centered on three main categories: license information identification from source code and binaries, software metadata stored in code repositories, and license modeling and associated reasoning actions. We also give a formalization of the license compatibility problem and demonstrate the role of existing approaches in license use decisions.

References

[1]

T.A. Alspaugh, H.U. Asuncion, W. Scacchi, Intellectual property rights requirements for heterogeneously-licensed systems, in:, IEEE Computer Society, 2009, pp. 24-33.

[2]

T.A. Alspaugh, W. Scacchi, H.U. Asuncion, Software licenses in context: the challenge of heterogeneously-licensed systems, J. Assoc. Inf. Syst., 1 (2010) 730-755.

[3]

S. Androutsellis-Theotokis, D. Spinellis, M. Kechagia, G. Gousios, Open source software: a survey from 10,000 feet, Found. Trends Technol. Inf. OM, 4 (2011) 187-347.

[4]

R.M. Azzi, CPR: how Jacobsen v. Katzer resuscitated the open source movement, Univ. Ill. Law Rev. (2010) 1271.

[5]

J. Bevan, E.J. Whitehead, S. Kim, M. Godfrey, Facilitating software evolution research with Kenyon, in:, ACM Press, 2005.

[6]

BlackDuck. http://www.blackducksoftware.com/ (accessed 23.05.14).

[7]

T.D. Breaux, A.I. Anton, J. Doyle, Semantic parameterization: a process for modeling domain descriptions, ACM Trans. Soft. Eng. Methods, 18 (2008).

[8]

C.D. Brown, D. Barrera, D. Deugo, FiGD: an open source intellectual property violation detector, in: Proceedings of International Conference on Software Engineering and Knowledge Engineering, 2009, pp. 536-541.

[9]

S. Comino, F.M. Manenti, Dual licensing in open source software markets, J. Inf. Econ. Policy, 23 (2011) 234-242.

[10]

J. Davies, D.M. German, M.W. Godfrey, A. Hindle, Software bertillonage: finding the provenance of an entity, in: Proceedings of 8th Working Conference on Mining Software Repositories, 2011, pp. 183-192.

[11]

M. Di Penta, D.M. German, G. Antoniol, Identifying licensing of jar archives using a code-search approach, in: Proceedings of 7th IEEE Working Conference on Mining Software Repositories, 2010, pp. 151-160.

[12]

M. Di Penta, D.M. German, Y.-G. Guéhéneuc, G. Antoniol, An exploratory study of the evolution of software licensing, in:, ACM, 2010, pp. 145-154.

[13]

D.M. Douglas, A bundle of software rights and duties, Ethics Inf. Technol., 13 (2011) 185-197.

Digital Library

[14]

I.E. Foukarakis, G.M. Kapitsaki, N.D. Tselikas, Choosing licenses in free open source software, in: Proceedings of 24th International Conference on Software Engineering and Knowledge Engineering (SEKE 2012), 2012, pp. 200-204.

[15]

Freecode. http://freecode.com/ (accessed 23.05.14)

[16]

FSF, Free Software Foundation. http://www.fsf.org/ (accessed 23.05.14)

[17]

Furia-chan. http://www.furiachan.org/ (accessed 23.05.14)

[18]

G.R. Gangadharan, V. D'Andrea, M. Weiss, Free/open services, IT Prof., 12 (2010) 24-30.

[19]

D.M. German, M. Di Penta, A method for open source license compliance of Java applications, IEEE Soft., 29 (2012) 58-63.

Digital Library

[20]

D.M. German, A.E. Hassan, License integration patterns: addressing license mismatches in component-based development, in: Proceedings of IEEE 31st International Conference on Software Engineering, 2009, pp. 188-198.

Digital Library

[21]

D.M. German, Y. Manabe, K. Inoue, A sentence-matching method for automatic license identification of source code files, in: Proceedings of IEEE/ACM International Conference on Automated Software Engineering, ACM Press, 2010, pp. 437-446.

[22]

R. Gobeille, The FOSSology project, in: Proceedings of 2008 International Working Conference on Mining Software Repositories, ACM Press, 2008, pp. 47-50.

[23]

Gordon, T.F., 2010. Report on a prototype decision support system for OSS License Compatibility Issues. Qualipso (IST- FP6-IP-034763), Deliverable A1.D2.1.3. https://08198924-a-62cb3a1a-s-sites.googlegroups.com/site/thomasfrederickgordon/publications/files/QualipsoA1D213.pdf (accessed 23.05.14)

[24]

T.F. Gordon, Analyzing open source license compatibility issues with Carneades, in: Proceedings of 13th International Conference on Artificial Intelligence and Law (ICAIL'11), ACM, 2011, pp. 51-55.

Digital Library

[25]

A. Hanft, M. Reichle, The FLOSSWALD information system on free and open source software, in: Proceedings of 4th Conference on Professional Knowledge Management - Experiences and Visions, 2007, pp. 35-142.

[26]

Hassin, K., 2007. Open source on trial. Technology Innovation Management Review. http://timreview.ca/article/66 (accessed 23.05.14)

[27]

A. Hemel, K. Trygve Kalleberg, R. Vermaas, E. Dolstra, Finding software license violations through binary code clone detection, in:, ACM, 2011, pp. 63-72.

[28]

W.N. Hohfeld, Some fundamental legal conceptions as applied in judicial reasoning, Yale Law J., 23 (1913) 16-59.

[29]

J. Howison, M. Conklin, K. Crowston, FLOSSmole: a collaborative repository for FLOSS research data and analyses, Int. J. Inf. Technol. Web Eng., 1 (2006) 17-26.

[30]

C. Jensen, W. Scacchi, License update and migration processes in open source software projects, in open source systems: grounding research, in: Proceedings of 7th. IFIP International Conference on Open Source Systems, 2011, pp. 177-195.

[31]

JFrog. http://www.jfrog.com/ (accessed 23.05.14)

[32]

M. Kechagia, D. Spinellis, S. Androutsellis-Theotokis, Open source licensing across package dependencies., in: Proceedings of 14th Panhellenic Conference on Informatics (PCI'10), IEEE Computer Society, 2010, pp. 27-32.

[33]

Krugle. http://www.krugle.org/ (accessed 23.05.14)

[34]

Landman, Y., 2010. How to use continuous integration to protect your projects from open-source license violations. http://weblogs.java.net/blog/yoavl/archive/2010/12/16/how-use-continuous-integration-protect-your-projects-open-source-licen (accessed 2.05.14)

[35]

LIDESC, Librock License Awareness System. http://www.mibsoftware.com/librock/lidesc/ (accessed 23.05.14)

[36]

V Lindberg, Intellectual Property and Open Source: A Practical Guide to Protecting Code, O'Reilly Media, 2008.

[37]

R. Lawrence, Open Source Licensing: Software Freedom and Intellectual Property Law, Prentice Hall PTR, 2004.

[38]

A. Lokhman, A. Luoto, I. Hammouda, ¿. Mikkonen, Open source legality compliance of software architecture, in: Proceedings of 8th International Conference on Software Engineering Advances (ICSEA'13), 2013, pp. 571-578.

[39]

Ohloh. http://www.ohloh.net/ (accessed 23.05.14)

[40]

OSI, Open Source Initiative. http://opensource.org/ (accessed 23.05.14)

[41]

OSLC, Open source license checker, 2009. http://forge.ow2.org/projects/oslcv3/ (accessed 23.05.14)

[42]

OW2. http://www.ow2.org (accessed 23.05.14)

[43]

J. Peeters, General public license in court-analyses of the case law in EU countries, Jura Falconis, jg, 44 (2007) 631-656.

[44]

W. Scacchi, T.A. Alspaugh, Understanding the role of licenses and evolution in open architecture software ecosystems, J. Syst. Softw., 85 (2012) 1479-1494.

Digital Library

[45]

SPDX, Software Package Data Exchange Specification, version 1.2. http://spdx.org/content/spdx-specification (accessed 23.05.14)

[46]

M. Sojer, J. Henkel, License risks from ad hoc reuse of code from the internet, Commun. ACM, 54 (2011) 74-81.

Digital Library

[47]

D.P. Soukaras, I.K. Chaniotis, I.G. Karagiannis, I.S. Stampologlou, C.A. Triantafyllou, N.D. Tselikas, I.E. Foukarakis, A.C. Boucouvalas, Augmented audio reality mobile application specially designed for visually impaired people, in: Proceedings of 16th Panhellenic Conference on Informatics (PCI'12), IEEE Computer Society, 2012, pp. 13-18.

[48]

T. Tuunamen, J. Koskinen, T. Karkkaiken, Automated software license analysis, Automated Soft. Eng., 16 (2009) 455-490.

Digital Library

[49]

What-license. http://www.what-license.com/ (accessed 23.05.14)

[50]

Wheeler, D.A., 2007. The free-Libre/open source software (FLOSS) license slide. http://www.dwheeler.com/essays/floss-license-slide.pdf (accessed 23.05.14)

[51]

Williamson, A., 2013. Licensing of software on github: a quantitative analysis. Linux Collaboration Summit. http://www.softwarefreedom.org/resources/2013/lcs-slides-aaronw/#/begin (accessed23.05.14)

[52]

H. Xu, H. Yang, D. Wan, J. Wan, The design and implement of open source license tracking system, in: Proceedings of International Conference on Computational Intelligence and Software Engineering, 2010, pp. 1-4.

Cited By

Wintersgill NRoychoudhury APaiva AAbreu RStorey M(2024)Studying and Improving Software License Compliance in PracticeProceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings10.1145/3639478.3639785(225-227)Online publication date: 14-Apr-2024
https://dl.acm.org/doi/10.1145/3639478.3639785
Kapitsaki G(2024)Generative AI for Code Generation: Software Reuse ImplicationsReuse and Software Quality10.1007/978-3-031-66459-5_3(37-47)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-66459-5_3
Win HWang HTan SChandra SBlincoe KTonella P(2023)Towards Automated Detection of Unethical Behavior in Open-Source Software ProjectsProceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3611643.3616314(644-656)Online publication date: 30-Nov-2023
https://dl.acm.org/doi/10.1145/3611643.3616314
Show More Cited By

Recommendations

Automating the license compatibility process in open source software with SPDX

We automate the process of license compatibility compliance.We consider the emerging Software Package Data Exchange (SPDX) specification.License detection is an important step in the license compatibility process.We use a testing set with open source ...
Towards open source software licenses compatibility check
PCI '22: Proceedings of the 26th Pan-Hellenic Conference on Informatics

The use of free and open source software is increasing and there is currently a tendency towards more openness in the provision of open source software. However, libraries that are used in conjunction with the software may affect the final license ...
Open Source License Inconsistencies on GitHub
Almost all software, open or closed, builds on open source software and therefore needs to comply with the license obligations of the open source code. Not knowing which licenses to comply with poses a legal danger to anyone using open source software. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Systems and Software

Journal of Systems and Software Volume 102, Issue C

April 2015

237 pages

ISSN:0164-1212

Issue’s Table of Contents

Copyright © Elsevier Inc.

Publisher

Elsevier Science Inc.

United States

Publication History

Published: 01 April 2015

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 29 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wintersgill NRoychoudhury APaiva AAbreu RStorey M(2024)Studying and Improving Software License Compliance in PracticeProceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings10.1145/3639478.3639785(225-227)Online publication date: 14-Apr-2024
https://dl.acm.org/doi/10.1145/3639478.3639785
Kapitsaki G(2024)Generative AI for Code Generation: Software Reuse ImplicationsReuse and Software Quality10.1007/978-3-031-66459-5_3(37-47)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-66459-5_3
Win HWang HTan SChandra SBlincoe KTonella P(2023)Towards Automated Detection of Unethical Behavior in Open-Source Software ProjectsProceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3611643.3616314(644-656)Online publication date: 30-Nov-2023
https://dl.acm.org/doi/10.1145/3611643.3616314
Makari IZerouali ADe Roover C(2022)Prevalence and Evolution of License Violations in npm and RubyGems Dependency NetworksReuse and Software Quality10.1007/978-3-031-08129-3_6(85-100)Online publication date: 15-Jun-2022
https://dl.acm.org/doi/10.1007/978-3-031-08129-3_6
Woo SPark SKim SLee HOh H(2021)CentrisProceedings of the 43rd International Conference on Software Engineering10.1109/ICSE43902.2021.00083(860-872)Online publication date: 22-May-2021
https://dl.acm.org/doi/10.1109/ICSE43902.2021.00083
Moraes JPolato IWiese ISaraiva FPinto G(2021)From one to hundreds: multi-licensing in the JavaScript ecosystemEmpirical Software Engineering10.1007/s10664-020-09936-226:3Online publication date: 1-May-2021
https://dl.acm.org/doi/10.1007/s10664-020-09936-2
Harutyunyan NRiehle DBoldt T(2019)Industry best practices for open source governance and component reuseProceedings of the 24th European Conference on Pattern Languages of Programs10.1145/3361149.3361170(1-14)Online publication date: 3-Jul-2019
https://dl.acm.org/doi/10.1145/3361149.3361170
Singi KKaulgud VBose RPodder S(2019)CAGProceedings of the 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain10.1109/WETSEB.2019.00011(32-39)Online publication date: 27-May-2019
https://dl.acm.org/doi/10.1109/WETSEB.2019.00011
Meloca RPinto GBaiser LMattos MPolato IWiese IGerman DZaidman AKamei YHill E(2018)Understanding the usage, impact, and adoption of non-OSI approved licensesProceedings of the 15th International Conference on Mining Software Repositories10.1145/3196398.3196427(270-280)Online publication date: 28-May-2018
https://dl.acm.org/doi/10.1145/3196398.3196427
Gamalielsson JLundell BMorgan L(2017)On licensing and other conditions for contributing to widely used open source projectsProceedings of the 13th International Symposium on Open Collaboration10.1145/3125433.3125456(1-14)Online publication date: 23-Aug-2017
https://dl.acm.org/doi/10.1145/3125433.3125456
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents