Skip to content

Latest commit

 

History

History
97 lines (73 loc) · 3.71 KB

README.md

File metadata and controls

97 lines (73 loc) · 3.71 KB
Raw

GitHub Action Build Coverage Status codebeat badge Go Report Card License Version

lioss

License Identification tool for OSS project.

🗣️ Overview

Generally, OSS projects have licenses. The licenses grant permissions to users for using, modifying, and sharing the software. The users of the software must follow the terms shown in the licenses.

On the other hand, today's software generally has some dependencies. Additionally, dependant software has some dependencies, too. Therefore, the dependant graph of the OSS becomes complex.

In such a situation, it is a quite tough task for checking the conflicts among licenses. The first problem is to detect a conflict between two given licenses. The second problem is to identify the license of a project. lioss tries to solve the above second problem by identifying the license of the given project.

SPDX is trying to automatically identify licenses, however, it is hard to say that it became common sense. This project detects the OSS licenses from the LICENSE files of the given projects. Then, we aim to detect conflicts by identifying OSS licenses from the license files of dependent libraries.

Usage

lioss

Identifies license name from file and/or project directories.

lioss version 1.0.0
lioss [OPTIONS] <PROJECTS...>
OPTIONS
        --dbpath <DBPATH>          specifying database path.
    -a, --algorithm <ALGORITHM>    specifies algorithm. Default is 5gram.
                                   Available values are: kgram, wordfreq, and tfidf.
    -t, --threshold <THRESHOLD>    specifies threshold of the similarities of license files.
                                   Each algorithm has default value. Default value is 0.75.
    -h, --help                     print this message.
PROJECTS
    project directories, archive files (jar, and zip) contains LICENSE file, and/or LICENSE file.

mkliossdb

Creates the database of lioss from License documents.

mkliossdb [OPTIONS] <LICENSE...>
OPTIONS
    -d, --dest <DEST>        specifies the destination file path. Default is 'liossdb.json'
    -h, --help               print this message.
LICENSE
    specifies license files.

Install

Go-lang

$ go get github.com/tamada/lioss

🍺 Homebrew

$ brew tap tamada/brew
$ brew install lioss

💪 Compiling yourself

$ git clone github.com/tamada/lioss
$ cd lioss
$ make

References

  • dmgerman/ninka
    • Daniel M. German, Yuki Manabe and Katsuro Inoue. A sentence-matching method for automatic license identification of source code files. In 25nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2010).
    • This product identifies the license of each source file. However, it does not work on my environment.
  • pivotal/LicenseFinder
    • This product finds dependencies from build file, and find license.
  • SPDX (Software Package Data Exchange). *