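Study of Open-source Software License Compliance
Author:
Author biographies:

Wang Zhiqiang (1995-), male, master's student; main research areas: open source software, open source licenses;
Zhang Zili (1964-), male, Ph.D., professor, doctoral supervisor, CCF Distinguished Member; main research areas: artificial intelligence, data analysis;
Wu Sheng (1976-), male, Ph.D., lecturer; main research area: geographic information systems;
Liu Zhiyou (1997-), male, master's student; main research areas: open source software, open source licenses;
Xiao Guoqiang (1965-), male, Ph.D., professor, doctoral supervisor, CCF Professional Member; main research areas: computer vision, machine learning, big data technology, Internet of Things technology;
Peng Jing (1995-), female, master's degree; main research area: open source ecosystem models and mechanisms.

Corresponding author:

Xiao Guoqiang, E-mail: gqxiao@swu.edu.cn

Chinese Library Classification number:

TP311

Fund Project:

National Key R&D Program of China (2018YFB1004201)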


Abstract:

As the open source concept has taken hold, open source software has become the trend in software development, and its use is governed by a variety of open source licenses. How open source participants should choose a suitable license for their own software during development, so that the collaborative work of the community is used efficiently and reasonably, remains an urgent open problem. To this end, this paper first analyzes and interprets the commonly used open source licenses certified by the Open Source Initiative (OSI). By studying the content and structure of the license terms, it then derives an open source license framework and a license compatibility derivation model, and applies the model to the analysis and interpretation of the Mulan Permissive Software License, which was developed independently in China. Finally, based on this work, an open source license selection tool is developed, providing reference and decision support to help open source developers understand licenses and use them compliantly.

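Cite this article

Wang Zhiqiang, Wu Sheng, Xiao Guoqiang, Zhang Zili, Liu Zhiyou, Peng Jing. Study of Open-source Software License Compliance. Ruan Jian Xue Bao/Journal of Software, 2022, 33(8):3035-3058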

History
  • Received: 2020-02-01
  • Last revised: 2021-03-03
  • Published online: 2021-05-21
  • Publication date: 2022-08-06