License Identification tool for OSS project.
Generally, OSS projects have licenses. The licenses grant permissions to users for using, modifying, and sharing the software. The users of the software must follow the terms shown in the licenses.
On the other hand, today's software generally has some dependencies. Additionally, dependant software has some dependencies, too. Therefore, the dependant graph of the OSS becomes complex.
In such a situation, it is a quite tough task for checking the conflicts among licenses.
The first problem is to detect a conflict between two given licenses.
The second problem is to identify the license of a project.
lioss
tries to solve the above second problem by identifying the license of the given project.
SPDX is trying to automatically identify licenses, however, it is hard to say that it became common sense. This project detects the OSS licenses from the LICENSE files of the given projects. Then, we aim to detect conflicts by identifying OSS licenses from the license files of dependent libraries.
Identifies license name from file and/or project directories.
lioss version 1.0.0
lioss [OPTIONS] <PROJECTS...>
OPTIONS
--dbpath <DBPATH> specifying database path.
-a, --algorithm <ALGORITHM> specifies algorithm. Default is 5gram.
Available values are: kgram, wordfreq, and tfidf.
-t, --threshold <THRESHOLD> specifies threshold of the similarities of license files.
Each algorithm has default value. Default value is 0.75.
-h, --help print this message.
PROJECTS
project directories, archive files (jar, and zip) contains LICENSE file, and/or LICENSE file.
Creates the database of lioss from License documents.
mkliossdb [OPTIONS] <LICENSE...>
OPTIONS
-d, --dest <DEST> specifies the destination file path. Default is 'liossdb.json'
-h, --help print this message.
LICENSE
specifies license files.
$ go get github.com/tamada/lioss
$ brew tap tamada/brew
$ brew install lioss
$ git clone github.com/tamada/lioss
$ cd lioss
$ make
- dmgerman/ninka
- Daniel M. German, Yuki Manabe and Katsuro Inoue. A sentence-matching method for automatic license identification of source code files. In 25nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2010).
- This product identifies the license of each source file. However, it does not work on my environment.
- pivotal/LicenseFinder
- This product finds dependencies from build file, and find license.
- SPDX (Software Package Data Exchange). *