...
- Every GÉANT software project should select and apply a suitable OSS licence that fits the needs of the software development team and those of the user community.
- Start the licensing process early, to make it easier to set up a licence and maintain compliance.
- The chosen licence must be compatible with licences of all used components so that the IPR and licensing risks on GÉANT are eliminated.
- It is preferable to place the OSS source code in a public and versioned code repository with a clear indication of the used licence.
- Copyright information must indicate GÉANT’s involvement and support. This information underscores that work was conducted within the GÉANT project or received support from it and identifies who authored the produced software.
- Assess the used components and software by applying common software quality and trustworthiness checklists, to ensure the components used and software produced are reliable. Examples: TinyMCE – Open source software evaluation checklist [TinyMCE_OSSEC], Red Hat – Checklist for measuring the health of an open source project [RedHat_COSP TinyMCE – Open source software evaluation checklist], EURISE Network Technical Reference – Software quality checklist [EURISE_SQC TinyMCE – Open source software evaluation checklist, Red Hat – Checklist for measuring the health of an open source project, EURISE Network Technical Reference – Software Quality Checklist].
- Use software composition and license analysis (SCA and SLA) services that conduct related reviews and audits designed to help determine the OSS licence appropriate for the software and ensure licence compliance. Identifying and addressing vulnerabilities in the software that may be detected by the SCA improves its quality and benefits the broader community your team contributes to.
- Set up contribution, communication and governance workflows that ensure compliance with the software’s licence.
- Adhere to the standards of the domain community in software development, licensing, provision of metadata about software, documentation, registration in relevant community registries, citation and promotion of software.
- If applicable, enable and advise on the citation and referencing of software in scientific papers, presentations, tutorials, etc., ensuring that these references are unambiguous and permanent.
...
!! Comment on using GN5 FPA Grant Agreement No. 101055563 (GN5)
Contact the IPR Coordinator if you have any questions about specific copyright. Licence text must be prepared for every software you are developing, and the selected licence will depend on the licences used for components, while the copyright statement might vary depending on the institutions involved.
3.7 Acknowledgements in AUTHORS, NOTICE and README
...
The project’s documentation should explain how users and contributors can check the file for release notes.
4 Resources
4.1 Contact
- IPR Coordinator e-mailemail: iprcoordinator@geant.org
- WP9 Task 2 Open Source Licensing and Licence Support (OSLS, software licensing)
- Slack: #sw-licences at https://geant-project.slack.com workspacee-mail
- Email: sw-licences@software.geant.org
- GÉANT Marcomms Team e-mailemail: marcomms@geant.org
4.2 Training Materials
- Training course: Open Source Licensing and Compliance : [OSLC_Traininghttps://e-academy.geant.org/moodle/course/view.php?id=214]
- Webinar: License Dependencies Analysis with WhiteSource : [LDAwithWS_Webinarhttps://e-academy.geant.org/moodle/course/view.php?id=220]
- Training course: Introduction to Open Source Licensing and Compliance 2023 : [IntroOSLC_Traininghttps://e-academy.geant.org/moodle/course/view.php?id=478]
- Infoshare: Software Licences Management in GÉANT [SWLMinGN_Infoshare Infoshare: Software Licences Management in GÉANT]
4.3 Further Reading
- GÉANT IPR Policy : [GN_IPRPolicyhttps://about.geant.org/wp-content/uploads/2022/06/GEANT-_IPR_Policy_2022.pdf]
- OSS licences and licence selection [Wiki_OSSL&LS OSS licences and licence selection] – an introductory guide
- Project-oriented whitepaper for GÉANT participants – a OSS Licences in GN4-3 and GN5-1 GÉANT Project: Current State and Recommendations [Wiki_OSSLWP Open Source Software Licences in GN4-3 and GN5-1 GÉANT Project: Current State and Recommendations] – project-oriented white paper for GÉANT participants. A guide on licence selection with an appendix describing the OSS licences most frequently OSS licences used from by analysed projects
- Software licence selection and management in GÉANT [Wiki_SWLS&M Software licence selection and management in GÉANT] – a maintained online version of this guide.
- Important licences for licence selection [Wiki_ImportantLicences Important licences for licence selection] – descriptions and compatibility of most frequent frequently used licences in GÉANT
- Reference information about OSS licences and tools [Wiki_OSSL_RefInfo Reference information about OSS licences and tools] – a comprehensive catalogue of thematically organised resources and pointers
- Open Source Software Licences in GÉANT – whitepaper on licensing in GN4-3 and GN5-1, with recommendations and info about licences in analysed projects
- GÉANT software best practice BP-B.6: Manage sideground IPR [GN_BP_B6 GÉANT software best practice BP-B.6: Manage sideground IPR]
- OSI Approved Licenses : [OSI_Licences https://opensource.org/licenses/]
4.4 Services
- GÉANT Software Licence Management (homepage) [Wiki_SWLM GÉANT Software Licence Management (homepage)]
- Jira requests for SCA and SLA : [Jira_RSWR https://jira.software.geant.org/servicedesk/customer/portal/2/create/55]
- Software Reviews [Wiki_SWReviews Software Reviews – GÉANT Software Development Support] – GÉANT Software Development Support
- GÉANT Mend, with login via GÉANT SSO, special permissions may apply : [GN_Mend https://app-eu.whitesourcesoftware.com]
- Accessing Mend and visibility levels [Wiki_MendAccess Accessing Mend and visibility levels] – visibility of Mend scan results
- Mend short guide for end users [Wiki_MendGuide Mend short guide for end users] – also explains the interpretation of Mend reports
- The Risk Report – Short Mend report guide for end users: [Mend_TRR https://docs.mend.io/bundle/sca_user_guide/page/the_risk_report.html] – short Mend report guide for end users
- GÉANT GitLab : [GN_GitLab https://gitlab.software.geant.org]
- GÉANT Software Catalogue : [GN_SC https://sc.geant.org]
References
Glossary
| AGPL | GNU Affero General Public Licence |
| API | Application Programming Interface |
| BSD | Berkeley Source Distribution |
| CC | Creative Commons |
| CC BY | Creative Commons Attribution licence |
| CC BY-NC | Creative Commons Attribution-NonCommercial licence |
| CI | Continuous Integration |
| CI/CD | Continuous Integration / Continuous Delivery |
| CLA | Contributor License Agreement |
| EC | European Commission |
| EPL | Eclipse Public License |
| EU | European Union |
| EUPL | European Union Public Licence |
| EURISE | European Research Infrastructure Software Engineers |
| FAIR | Findability, Accessibility, Interoperability and Reusability |
| GFDL | GNU Free Documentation License |
| GPL | GNU General Public License |
| GUI | Graphical User Interface |
| ICT | Information and Communication Technology |
| IP | Intellectual Property |
| IPR | Intellectual Property Rights |
| JLA | Joinup Licensing Assistant |
| MIT | Massachusetts Institute of Technology |
| MPL | Mozilla Public License |
| NC | NonCommercial |
| ND | NoDerivatives |
| NREN | National Research and Education Network |
| OSI | Open Source Initiative |
| OSLS | Open Source and Licence Support |
| OSS | Open Source Software |
| PLM | Product Lifecycle Management |
| R&E | Research and Education |
| SA | ShareAlike |
| SBOM | Software Bill of Materials |
| SCA | Software Composition Analysis |
| SLA | Software Licence Analysis |
| UA | Unified Agent |
| UI | User Interface |
| WP | Work Package |
| WP9 | Work Package 9 Operations Support |
| WP9 Task 2 | WP9 Task 2 Software Governance and Support |