Validate your SPDX files for open source license violations
Kapitsaki, Georgia M.
PublisherAssociation for Computing Machinery
SourceProceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering
24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2016
Google Scholar check
MetadataShow full item record
Licensing decisions for new Open Source Software are not al-ways straightforward. However, the license that accompanies the software is important as it largely affects its subsequent distribution and reuse. License information for software products is captured-among other data-in the Software Package Data Exchange (SPDX) files. The SPDX specification is gaining popularity in the software industry and has been adopted by many organizations internally. In this demonstration paper, we present our tool for the validation of SPDX files regarding proper license use. Software packages described in SPDX format are examined in order to detect license violations that may occur when a product combines different software sources that carry different and potentially contradicting licenses. The SPDX License Validation Tool (SLVT) gives the opportunity to check the compatibility of one or more SPDX files. The evaluation performed on a number of software packages demonstrates its usefulness for drawing conclusions on license use, revealing violations in some of the test projects. © 2016 ACM.
Showing items related by title, author, creator and subject.
Kapitsaki, Georgia M.; Kramer, F.; Tselikas, N. D. (2017)Free and Open Source Software (FOSS) promotes software reuse and distribution at different levels for both creator and users, but at the same time imposes some challenges in terms of FOSS licenses that can be selected and ...
Kapitsaki, Georgia M.; Kramer, F. (2014)The Open Source Software development model has gained a lot of momentum in the latest years providing organizations and software engineers with a variety of software, components and libraries that can be exploited in the ...
Kapitsaki, Georgia M.; Tselikas, N. D.; Foukarakis, I. E. (2015)Free/Libre/Open Source Software (FLOSS) has gained a lot of attention lately allowing organizations to incorporate third party source code into their implementations. When open source software libraries are used, software ...