GitHub has introduced a new way for companies to license their open source projects, with an open source program.
The company has open sourced ‘Licensed’, an internal tool used to automate various licensing processes for the open source projects that GitHub runs. The program aims to reduce the time programmers spend tracking down licenses for open source projects, so they can put their efforts elsewhere.
Licensed will enable developers to manage their code’s open source licensing effectively by spotting potential problems with a program’s dependency licenses early in its development cycle. Spotting these problems early can help prevent larger issues from happening.
The program works by finding, caching and checking license data for dependencies. These dependencies can come from multiple languages and package managers across a variety of projects. This flexibility allows Licensed to work as well for a repository holding thousands of projects as it would for one with a single project.
Licensed is built around the concept of ‘apps’, each of which is defined as a source location and a cache directory. GitHub’s program can discover which dependencies are present for each of a user’s apps, and for each library found, Licensed locates its dependency source and extracts the basic data.
Using this data, the program can determine the license of each file, and once sourced, its stream of records makes it easy to fix common licensing problems customers face. The program ensures, through a continuous integration job, that each dependency meets the open source license requirements. This takes away the extensive process of tracking down a license and frees up programmers’ time for other work.
The program makes it easy to automate the creation and distribution of licenses, and also provides an open source licensing bill of materials for a specified project. If a problem is found, the program reports the dependencies that need a review, enabling businesses to keep their licenses up to date. This in turn can help businesses stay on top of license requirements and avoid breaching any conditions.
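The continuous integration check described above can be sketched as follows. This is an added illustration, not Licensed's own code or file format: the record layout, the `allowed` and `reviewed` lists, the package names and the paths are all hypothetical and constructed for the example.

```python
# Added illustration: names and record layout are hypothetical, not Licensed's format.
ALLOWED = {"mit", "apache-2.0", "bsd-3-clause"}  # assumed license allowlist

# Constructed sample: each app pairs a source location with a cache directory.
# "discovered" stands in for dependency discovery, "cached" for the cache contents.
APPS = {
    "web": {
        "source_path": "services/web",
        "cache_path": ".license-cache/web",
        "discovered": {"alpha-http": "2.0.5", "beta-xml": "1.8.2",
                       "gamma-copyleft": "3.1.0", "delta-new": "0.1.0"},
        "cached": {
            "alpha-http": {"version": "2.0.5", "license": "mit"},
            "beta-xml": {"version": "1.8.1", "license": "mit"},  # stale record
            "gamma-copyleft": {"version": "3.1.0", "license": "gpl-3.0"},
        },
        "reviewed": set(),
    },
    "cli": {
        "source_path": "tools/cli",
        "cache_path": ".license-cache/cli",
        "discovered": {"epsilon-args": "0.0.3", "zeta-odd": "1.0.0"},
        "cached": {
            "epsilon-args": {"version": "0.0.3", "license": "apache-2.0"},
            "zeta-odd": {"version": "1.0.0", "license": None},  # nothing detected
        },
        "reviewed": {"zeta-odd"},  # manually reviewed exception
    },
}

def check_app(app):
    """Return (dependency, reason) pairs that should fail the CI job."""
    problems = []
    for dep, version in sorted(app["discovered"].items()):
        record = app["cached"].get(dep)
        if record is None:
            problems.append((dep, "no cached license record"))
        elif record["version"] != version:
            problems.append((dep, f"cache is for {record['version']}, found {version}"))
        elif dep in app["reviewed"]:
            continue  # a human has already signed off on this dependency
        elif not record["license"]:
            problems.append((dep, "license not detected, needs review"))
        elif record["license"] not in ALLOWED:
            problems.append((dep, f"license {record['license']} needs review"))
    return problems

def ci_status(apps):
    """Check every app; a non-zero exit code fails the build."""
    report = {name: check_app(app) for name, app in apps.items()}
    return (1 if any(report.values()) else 0), report
```

A missing or stale cache entry fails the build in the same way as a disallowed license, so a dependency cannot be added or upgraded without its license record being refreshed and checked.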
The program is available to any business and programmers can work alongside teams to support the package.