Page tree
Skip to end of metadata
Go to start of metadata
ObjectiveEnsure compatibility of licenses for external software libraries and their conformance to the organization's goals and constraints
Applicability

This practice concerns the design and development phase of the project

Context

The practice applies to projects that use external libraries or components provided by third-party vendors (including OSS projects).

Addressed elements in SMM2.4. Management of IPR and dependencies
Prerequisites to applynone
Recommendation
  1. Verify if the subject licenses conform to constraints imposed by the organization
    1. Collect and verify information at the licensee's website
    2. Seek support from the GEANT IPR Coordinator: iprcoordinator@geant.org,and ensure that any requirements set in open source licenses and other recommendations set in the GEANT IPR Policy are met
  2. Verify compatibility of licenses used in the project
    1. Collect and verify information at the licensee's website
    2. Seek support from the GEANT IPR Coordinator: iprcoordinator@geant.org
    3. Use tools to support the verification
  3. Document the used libraries and their licenses. Track changes in the used libraries.
Risks
  1. The license rights are misinterpreted
    1. The subject component needs to be replaced with a compatible one
  2. The licenses are incompatible
    1. The conflict must be resolved by replacing one of the affected libraries
Related practices
SourceThis practice has been defined based on the literature, supported by the observation by the SwM team.
  • No labels