The Linux Foundation Launches Open-Source Compliance Tool
With open-source software adoption now commonplace in the enterprise, software compliance checking has become essential. The Linux Foundation has come up with a tool to automate the process.
The Linux Foundation announced the availability of The Linux Foundation FOSS Bar Code Tracker, a new tool for tracking Free and Open Source Software (FOSS) components.
Released as an open-source project under the MIT license, the new software tool aims to simplify the way open-source components are tracked and reported by using an auto-generated, custom QR code for each product. The QR code contains important information on the FOSS stack contained in a product, such as component names, version numbers, license information and links to download the source code, among other details.
In addition to enterprise adoption, the use of Linux and other open-source software continues to explode in mobile and consumer electronics products. Tracking software components and licenses in each product can be a difficult task. The FOSS Bar Code Tracker enables product development teams to create their own FOSS bill of materials, identify FOSS components included in each product, and easily update and share that critical information throughout the supply chain for compliance purposes.
For companies adopting Software Package Data Exchange (SPDX), which provides a standardized way of defining license information across vendors in the supply chain, or other standard formats for open-source license components, the FOSS Bar Code Tracker provides the mechanism to load the standard file and generate the desired QR code.
As the supply chain has gotten more distributed, the process of license compliance needs to be easy, fast and streamlined, Eben Moglen, executive director, Software Freedom Law Center, said in a statement. The Linux Foundations new FOSS Bar Code Tracker addresses this with a tool everyone can use. Automating this process will result in gains for FOSS developers, manufacturers embedding FOSS in their products and users who want to get the most value from the products they buy.
As part of its Open Compliance Program, The Linux Foundations FOSS Bar Code Tracker generates a one-dimensional bar code, a QR code with data, or a QR code as hot link, making key information about a products compliance available at the click of a button. Additional features of the FOSS Bar Code Tracker include compliance record manipulation and a license panel to manage licenses, among other things.
Through our Open Compliance Program, weve learned that companies desperately need a free software tool for tracking and reporting open-source software components, said Jim Zemlin, executive director at The Linux Foundation, in a statement. The new FOSS Bar Code Scanner will drastically reduce the resources needed to track and report information about the software included in every product and instill even more confidence in the companies using Linux and open-source software to compete in todays mobile and consumer electronics markets.