On 17th April, DTIC-UPF hosted a Linux Foundation Open Source compliance activity, in collaboration with id law partners (a Barcelona boutique IP/IT law firm) presenting “Open Source compliance for Engineers”. Participants included members of DTIC-UPF research groups, the Institut Municipal d’Informàtica, CIMNE (a research group of the Polytechnic University of Catalonia), Barcelona’s Centre de Recerca Genòmica and private companies and developers interested in managing the legal aspects of free and open source software development.
The aim of the workshop was to introduce FOSS license management technologies and tools to software engineers and project managers, within a “legal open source” context, and present industry best practices. In particular the workshop focused on FOSSology, an open source license compliance software system and toolkit. As a toolkit, you can run license, copyright and export control scans from the command line. As a system, a database and Web user interface provide you with a compliance workflow. License, copyright and export scanners are tools used in the workflow. After an initial presentation of the tools, the workshop went hands-on, enabling participants to start off with basic tasks in Fossology, loading projects, getting the license list, and exporting data in several formats. This presented the challenges in the real world, with examples of license analysis of open source components. It also gave an overview of component analysis and SPDX usage with FOSSology.
Many thanks go to Michael Jaeger, lead of the Linux Foundation's FOSSology project, who led the presentation, supported by Matija Suklje, Kate Stewart, Steve Winslow and Malcolm Bain.