Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »


Linux Foundation license scan identifies a number of problems which need to be resolved before any releasing.  This wiki page describes the best practices for resolving these identified issues.

Binary files

We cannot have binary files in Gerrit.o-ran-sc.org repo.  If the scan report identifies any binary files, they need to be removed.  Artifacts built from source codes are hosted in their corresponding repos, not in Gerrit.  

Use restriction statement

If a file is identified to have use restriction, the inclusion and use by O-RAN SC must comply within the restriction.  Otherwise such a file must be removed.

Copy left licenses

In general, we cannot have files under "copy left" licenses such as GPL in our Gerrit repos.  

Files identified by scan to be under a copy left license shall be removed or replaced by alternatives under open source friendly licenses, or developed by O-RAN SC.  If the use of such "copyleft-ed" files is not avoidable, the PTL needs to request for ToC approval for exception.  In such request the PTL shall describe how such files are used and why the use of such files does not compromise the integrity of the O-RAN SC licenses.  

Weak Copy left

In general, we cannot have files under "weak copy left" licenses such as LGPL in our repos.  

Files identified by scan to be under a copy left license shall be removed or replaced by alternatives under open source friendly licenses, or developed by O-RAN SC.  If the use of such "weak copyleft-ed" files is not avoidable, the PTL needs to request for ToC approval for exception.   In such request the PTL shall describe how such files are used and why the use of such files does not compromise the integrity of the O-RAN SC licenses.  

License statement incorrect

Problems identified under this category must be fixed by correcting the incorrect statements or inconsistency.

Attribution

This category includes the uses of files under open source friendly licenses that are not within the O-RAN SC license family, such as MIT, BSD, etc.  

For all files original to the O-RAN SC, we must use one of our licenses, i.e. Apache 2, Creative Commons 4, or O-RAN Software v1. 

For files under these non O-RAN SC licenses that are originated from external sources, the use need to be reported to and approved by the ToC.  Such files shall be placed under a directory clearly indicating its external originality, such as "external", "thirdparty", "vendor", etc. 

The PTL will need to describe the use of these files to the ToC for approval, including how they are used in the project, their original location, and where they are placed under the O-RAN SC repo.

No license

Code files must contain license claim at the beginning.  The standard text for O-RAN SC licenses can be found here:

The only exception is for files downstream-ed from external sources.  If the original file does not carry any license claim, we do not need to add a claim.  However, 1. we need to make sure they are not from projects under copyleft licenses, and 2. such files need to be placed under a directory clearly indicating its external originality, such as "external", "thirdparty", "vendor", etc.  

In addition, the PTL need to report the use of these files to the ToC for approval, including how they are used in the project, their original location and license, and where they are placed under the O-RAN SC repo.



False positives

If an identified issue is believed to be incorrect, an exception must be filed to the ToC to clarify the use and why owner believes that the report is incorrect.

Files/file types that should be excluded from having license claim header

Need ToC Approval:

.gitattributes
.gitignore
.gitmodules
.gitreview
.readthedocs.yaml
INFO.yaml
favicon.ico
*.png
*.gif
*.jpg
*.json

ToC Approved


  • No labels