UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
Build Trust, Ensure Compliance, and Strengthen Open Source Impact
GÉANT provides a structured certification scheme to help software development teams manage licensing, dependencies, and related risks throughout the project lifecycle. Whether your software is internal, unpublished, or openly distributed, these certificates offer clarity, traceability, and assurance.
Why Certify?
Mitigate risk early by identifying licensing, dependency, and compliance issues.
Ensure compliance with the GÉANT IPR Policy and open-source standards.
Prepare for distribution by validating licence compatibility, completeness, and transparency.
Build trust with users, contributors, and stakeholders.
Enable reuse and collaboration with verified, clear legal and metadata artefacts, and internal processes.
Available Certificates
Self-Assessed Dependencies
For early-stage or internal projects. Confirms that direct dependencies are identified and reviewed for critical vulnerabilities and mutual licence compatibility.
...
A lightweight, scalable entry into licence governance, with focus on direct dependencies.
Verified Dependencies
For code not yet distributed or licensed. Confirms that all dependencies (both direct and transitive) are externally verified for licences and vulnerabilities.
...
Provides stronger assurance than self-assessment , but does not cover the project’s licence. Ideal preparation for distribution.
Verified Software Licence
For projects ready for distribution. Confirms that the licence has been selected, declared, and is compatible with all components.
...
Enables compliant, low-risk public releases.
Software Licence Assurance
For actively maintained, publicly distributed projects with consistent governance. Confirms ongoing compliance supported by policies, tools, and monitoring.
...
Validates licence compliance processes and operational maturity.
OSS Community Champion (forthcoming)
For projects demonstrating sustained leadership and open-source excellence. Recognises transparency, community engagement, and transparent governance.
...
Signals credibility and influence. Enhances visibility through GÉANT outreach.
How to Get Certified
Select the certificate matching your project’s stage
Gather and assess information about your dependencies and licence(s)
Use the GÉANT SCA service or equivalent tools (for dependencies-focused certificates)
Complete the checklist or SLA review (for licence-oriented certificates)
Request certification via the GÉANT software governance support channel
Each certification level builds on the previous one, forming a clear path from basic risk management with Self-Assessed Dependencies to full licence governance.
...