In a bid to eliminate a barrier to open source code adoption, the
Linux Foundation is launching the Open Compliance Program to guide
users on how to stay within the GPL and other open source code
license limits. Open source licenses have gained a new,
court-backed legitimacy, and Eben Moglen's Software Freedom Law
Center has taken several well publicized enforcement actions
against General Public License violators. The GPL governs use of
Linux and other open source code. The Apache license and Berkeley
BSD license are also frequently used.
Part of the resolution of the Software Freedom lawsuits has been to
impose a compliance process on the future use of open source code
at the target company. Jim Zemlin, executive director of the Linux
Foundation, said the foundation is trying to make compliance as
simple and easy as possible for companies that want to expand their
use of open source.
"As open source has proliferated up and down the product supply
chain, so has the complexity of managing open source compliance,"
he said in an interview in advance of LinuxCon.
With Linux spreading into mobile and embedded devices,
manufacturers have confronted increasingly complex combinations of
open source code and commercial code and need guidance on what
rules govern the operation of the two. Linux often underlies
telecommunications companies' operations. It's often bundled with
other open source code to finds its way into the operation of
product as an embedded system.
Facing such complexity, his foundation is trying to show "how we
can create a vaccination for the software industry" against
compliance issues, said Zemlin.
The foundation has released a set of code scanning tools, including
a Dependency Checker, which can identify what code is linked to
what. If open source code is linked to commercial code, that
affects how it can be used, and the tool offers a license policy
framework that would allow a code manager to define what licenses
he needed.