Changes for page The FLOW Syllabus (Version 2.0)
Last modified by Stefano Maffulli on 2023/02/17 01:53
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -502,4 +502,44 @@ 502 502 * The next two months 503 503 * The next two years 504 504 505 +== Resources == 506 + 507 +Validos: The Validos initiative helps businesses engage with Free Software. The primary focus of Validos is package level compliance and clear reporting to facilitate simple redistribution of code. With its format of cooperative information sharing among corporate and legal stakeholders, Validos provides a way to increase compliance fidelity and streamline code management activities. It is a Finnish registered association with thirteen members, and has a modest annual fee for participation. Website: http://www.validos.org 508 + 509 +Binary Analysis Tool: The Binary Analysis Tool (BAT) is a modular framework that uses the same approach applied by gpl-violations.org to discover issues in consumer electronics. It can open many types of firmware, detect Linux and BusyBox issues, and report outcomes in XML format. It also features knowledge-base support to allow high fidelity customization for advanced users. BAT is available for free under the Apache license so that everyone can use, study, share and improve it. The project frequently adds new features. 510 +Website: http://www.binaryanalysis.org 511 + 512 +Code Janitor Tool: The Code Janitor is a tool released by the Linux Foundation that helps to search source code to make sure that developers did not leave comments that might reveal future products, product code names or discuss competitors and their products. It maintains a database of keywords to scan for, and can be customized as necessary. It is available without charge. Website: http://www.linuxfoundation.org/programs/legal/compliance/tools 513 + 514 +Dependency Checker Tool: The Dependency Checker is a tool released by the Linux Foundation that helps identify source code combinations that will lead to dynamic and static linking, and in the context of a license policy framework can create a list of items that need to be flagged before products are released. Website: http://www.linuxfoundation.org/programs/legal/compliance/tools 515 + 516 +FOSSology: FOSSology started as an internal project at HP to support governance processes. It is a tool that analyses all the files in a project and reports on the licenses used, basing its results on license declarations and tell-tale phrases. It also has the ability to scan for copyright notices, email addresses and URLs, allowing users to create custom reports. The project is hosted by the Linux Foundation, is available as Free Software, and is maintained in both English and German by developers from HP and other organizations. Website: http://fossology.org 517 + 518 +Ninka: Ninka is a lightweight license identification tool for source code. It is sentence-based, and provides a simple way to identify open source licenses in a source code file. It is capable of identifying several dozen different licenses (and their variations). It has been designed to be lightweight, fast and to avoid making errors. It is available under a Free Software license. Website: http://ninka.turingmachine.org 519 + 520 +OSS Discovery: OSS Discovery is a Free Software tool that helps scan for software inside a business network. It searches for both source code and binary instances of software, and is intended to help create an inventory of deployed applications across servers and desktops. Website: http://www.openlogic.com/products/scanners.php#oss-discovery 521 + 522 +Black Duck Suite: The Black Duck Suite helps companies automate the management, governance and use of Free Software. It consists of various commercial products, including the Black Duck Code Center, Export and Protex. The Code Center supports the selecton of Free Software components, as well as the ongoing monitoring of the components in use. Protex and Export assist with the validation of code before deployment. The tools are powered by the Black Duck KnowledgeBase, which includes over 230,000 projects from more than 4,500 sites. Website: http://www.blackducksoftware.com/black-duck-suite 523 + 524 +OSS Deep Discovery: OSS Deep Discovery scans source and binary code to identify Free Software, even when the code in question has been copied or modified. It uses noise-reduction techniques to reduce false positives, and reduces the amount of time and personnel resources required to analyse scan results. It is targeted towards product distribution and M&A activities in the enterprises market. Website: http://www.openlogic.com/products/scanners.php#oss-deep-discovery 525 + 526 +Palamida Application Security Compliance Edition: Palamida Compliance Edition is an application security solution designed to help companies managed Free Software license obligations. It identifies, assesses, and manages Free Software obligations in customized code with a focus on risk management. 527 +Website: http://www.palamida.com/products/complianceedition 528 + 529 +Protecode System 4: Protecode System 4 scans code to analyze Free Software licenses according to customized policies. It is designed to fit into existing processes and provide a simple way to understand what is in an enterprise code portfolio. While having a small footprint, it is designed to scale into organizations with up to 20,000 developers, and works in conjunction with the Protecode IP Signatures Database to monitor 450,000 public software projects. Website: http://www.protecode.com/system4overview.php 530 + 531 +FOSS Governance Fundamentals https://fossbazaar.org/openSourceGovernanceFundamentals 532 + 533 +FOSS Policies and Guidelines https://fossbazaar.org/content/foss-policies-and-guidelines 534 + 535 +A Practical Guide to GPL Compliance http://softwarefreedom.org/resources/2008/compliance-guide.html 536 + 537 +Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers http://softwarefreedom.org/resources/2007/gpl-non-gpl-collaboration.html 538 + 539 +Useful Compliance Tips For Vendors http://fsfe.org/projects/ftf/useful-tips-for-vendors 540 + 541 +Reporting and Fixing License Violations http://fsfe.org/projects/ftf/reporting-fixing-violations 542 + 543 + 544 + 505 505 {{putFootnotes/}}