Understanding how copyright and licenses function, and being able to clearly and precisely express them, is critical to ensure that your contributions are suitable for use in open source projects, and that licensing statements accurately reflect your goals. Licenses grant others that wish to use your code authorization in advance. Being able to minimize difficulties and uncertainty is useful for both inside business projects and contributing to open source projects.
Whenever you install a software, or use a software to create another software, you have to follow certain license compliances provided by those third-party software. If you are working with a software, you must understand clear understanding of these three things:
- Things you are required to do (MUST)
- Things you are permitted to do (CAN)
- Things you are forbidden to do (CANNOT)
You must also follow certain open source compliance practices if you want to build and ship open source software. It's critical to understand how this works so that you or the organization don't make costly mistakes when adopting, using, and deploying open source software. Few of the practices listed below are:
- Identification of the origin and applicable licenses
- Tracking open source software within the development process
- Performing open source practices review and identifying license obligations
- Fulfillment of license obligations when the product ships
- Oversight for Open Source Compliance Program, creation of policy, and compliance decisions
FOSSology is a open source license compliance software system and toolkit. It is essentially a web-based/command-line utility for ensuring software license and copyright compliance. Since, it provides a web based interface with a database, it has multi-user/multi-tenant support to organize all your clearing jobs.
The FOSSology project offers tool-based licensing identification. These are the basic set of features of FOSSology toolkit:
- Identifying license-related texts
- Aggregation of licenses in hierarchical view
- Highlighting text occurrences
- Identifying phrasing discrepancies in comparison to reference texts
- Looking for licensing terms
- Bulk processing of files with same licensing
- Reporting of discovered licenses
- Reusing of license conclusions
Other features of FOSSology are:
- Copyright, authorship statements scanner
- Export control and customs scanner (ECC)
- Workflow integration with command line interfaces
- SPDX RDF and tag-value
- Plain text output
- Files sorting in buckets
- User, group and upload management
Now you know about the features of FOSSology, let's setup FOSSology toolkit in our local environment. This tutorial is for installation of FOSSology from source code in Ubuntu 20.04.
First you need to clone the repository in the machine using this command.
git clone https://github.com/fossology/fossology.git
Once you have cloned the fossology repository in GitHub, move to that folder first using the change directory command.
This program requires the lsb_release command, so we need to install lsb_release package.
sudo apt install lsb_release
Now we can proceed with installing necessary dependencies required to run FOSSology. There are a lot of dependencies which gets installed during this command. Make sure to add
-yflag in front of your install script to avoid prompts asking for your permission to install the required dependencies.
sudo ./utils/fo-installdeps -y
Now you have all the packages required to compile and run FOSSology. We'll now build the FOSSology project by running this command. There would be a few warnings generated, but you can ignore them.
Next, we will install FOSSology in our system. Run it with root privileges. Again a few warnings would be generated, but feel free to ignore them.
sudo make install
Once everything has been set up, run the post install script. This will create
fossyuser in your system and setup a Postgre database.
The basic installation has been completed. Now test this installation by heading over to
http://localhost/repoand login with username and password as
After this start the scheduler daemon. This will start FOSSology on each restart of the machine.
sudo systemctl enable --now fossology
Start the daemon
sudo systemctl start fossology
Verify that the daemon is up and running by heading over to
FOSSology UI > Admin > Schedulerand check for the
and click submit. It should show one daemon running.
You can also configure and tune your system. There's a detailed wiki which would let you manage disk space, configure PHP, optimize Postgre, etc. We will configure PHP settings in this step. By default, PHP ships with 2 MB upload limit, which is very less for uploading huge applications. We can overwrite
php.inifile with memory limit, upload limit and set a timezone.
sudo ./install/scripts/php-conf-fix.sh --overwrite
Verify this change by heading over to
FOSSology UI > Upload >and look at the maximum upload size. It should be
If the change isn't visible, restart your Apache server.
sudo service apache2 restart
Now again, head over to that page and you should see
700Mbyteswritten as maximum upload file size there.
Now, FOSSology would be finally up and running in your machine for basic usage. You can still configure and tune your machine and use FOSSology according to your needs. Go through the detailed wiki here.
If you are looking for video tutorial installation of FOSSology, please refer this video.