Does Richard Stallman work for your organization? Can’t use the Anyone But Richard Stallman License then…
Vanity licenses exist. Obscure licenses exist. We may laugh or argue about why they were published, But how do we handle these license exceptions? If we don’t acknowledge and deal with all the licenses that exist in published software, we will keep having license exception headaches.
Many software license detection tools have two key problems:
- A too-narrow focus on the subset of common open source licenses while ignoring the high volume of less common licenses (the long tail) that exist in the real world.
- Exclusion of proprietary or commercial licenses that intersect or overlap with open source licenses, such as “dual” licenses.
For OSPOs to work with real data – not just theoretical assumptions – we need FOSS license detection tools that cast a wide net to handle all open source licenses, and future versions too. And we need FOSS tools to efficiently review these licenses and apply license policies across product codebases, updates, and versions.
The goal: Identify all licenses fast in a clean process with minimal license detection exceptions. By using FOSS tools and setting clear policies, OSPOs can empower organizations to quickly identify licenses and apply policies without asking developers to read license texts.
The result: Triaging license exceptions is easy.
Watch this recorded webinar with nexB co-founder and CTO Phillipe Ombredanne to learn more about how to quickly Identify all licenses in a standard process with minimal license detection exceptions.
Ready to learn more?
- Scan your codebase with ScanCode
- Find software vulnerabilities with VulnerableCode
- Start automating compliance with DejaCode