OpenChain
REUSE
Best practices for declaring copyright and licenses
Why is it so hard to detect the licensing and copyright information of source code? Because it is a tedious and often confusing task for developers to provide this information. The REUSE project changes that! With three simple steps, it makes adding and reading licensing and copyright information easy for both humans and machines. This presentation will guide you through the REUSE best practices and presents how to make clear licensing simple.
In 2017, the FSFE started the REUSE initiative. The main goal is to make it easier for developers to declare the licensing and copyright situation for their code. Especially in common scenarios where a repository contains code from various sources under different licenses with multiple copyright holders, it often becomes complex for everyone who wants to legally reuse code.
Therefore, REUSE provides best practices that aim to be compatible with already existing recommendations and still cover also complex projects and their edge cases. The result is that for a REUSE compatible repository, every single file in some way carries information about its license and copyright holder(s), with the full license text(s) available.
To make adoption as easy as possible, REUSE offers tools and accompanying documentation. Thanks to this, we already see hundreds of projects being REUSE compliant already. The more projects follow the best practices, the easier developers can reuse their code safely and thereby contribute to a system in which you do not need a lawyer to license your code.
Additional information
| Type | devroom |
|---|
More sessions
| 2/6/21 |
A short overview of the OpenChain project, its purpose, goals and the current state
|
| 2/6/21 |
OpenHarmony is a new operating system stewarded by Huawei's Open Source Technology Center, with Array as advisor. Having prioritized compliance, governance and transparency, OpenChain was the natural backdrop for it. Rather than embracing open source only to exploit it, having transparency and compliance as a last minute afterthought, OSTC has made them central pillars from the very beginning. We seek the opportunity to present you how the goal of OpenChain conformance helped.
|
| 2/6/21 |
Openchain is a comprehensive set of requirements allowing to cope with the open source compliance challenge. Recently it even has been accepted as ISO standard. However, compliance in todays world is not possible without tool support. To get a grip on the different tools, understand what they can do and where their limitations are, the OC tooling workgroup decided to develop a capability model. This model outlines all required capabilities to cope with the open source challenge and allows to map ...
|
| 2/6/21 |
Open Compliance Reference Tooling in action. The talk will show the most important building blocks of a working automated Open Source Management pipeline based on Open Source Tools as well as the necessary processes and workflows around the tooling to leverage open component metadata from the community.
|
| 2/6/21 |
In this talk, James Curtis, lead developer at OpusVL, will explain the complex compliance challenge faced when working on a variety of projects for different customers, each having overlapping and separate areas of Open Source code. He will explain the approach taken to automating the process by connecting up the software release pipeline through Continuous Integration (CI) tooling to deliver OpenChain compliance reporting. This will cover the path from developer and version control through ...
|
