LWN: Comments on "License compliance in the open-source supply chain"

License compliance in the open-source supply chain

philipsbd — Thu, 11 May 2017 05:34:03 +0000

Solving a different problem of tracking Go dependencies but we built a useful tool for tracking dependent projects into a machine parseable JSON format https://github.com/coreos/license-bill-of-materials

License compliance in the open-source supply chain

gioele — Tue, 09 May 2017 18:35:42 +0000

> I wonder whether this project is aware of the great work done in the "OpenSource License Compendium" and "OpenSource Compliance Advisor" projects
http://dtag-dbu.github.io/oslic/

The OSLiC/"OpenSource License Compendium project seems interesting, but its website completely fails at 1) explaining what it is about and 2) providing the compendium itself.

For example: the homepage focuses on a Open Source License Compendium Manifesto with only hints at what the project is about. The download page tells me to download a LaTeX distribution and suggest me to use an Eclipse plugin.

Only after wandering through dozens of unrelated pages one gets to download the (indeed interesting) compendium: http://opensource.telekom.net/oslic/releases/oslic.pdf and http://opensource.telekom.net/oslic/releases/oslic-reveng...

License compliance in the open-source supply chain

garloff — Tue, 09 May 2017 10:33:18 +0000

I wonder whether this project is aware of the great work done in the "OpenSource License Compendium" and "OpenSource Compliance Advisor" projects
http://dtag-dbu.github.io/oslic/