180 likes | 372 Views
Open Source License Checker 2.0. Team LC 2.0, March 2007 Jing Jing-Helles, Sakari Kääriäinen, Yuan Yuan, Mika Rajanen, Xie Xiaolei, Lauri Koponen, Veli-Jussi Raitila, Jussi Sipoma. Risks Using Open Source. Can we really use open source software as freely as we want in software development?
E N D
Open Source License Checker 2.0 Team LC 2.0, March 2007 Jing Jing-Helles, Sakari Kääriäinen, Yuan Yuan, Mika Rajanen, Xie Xiaolei, Lauri Koponen, Veli-Jussi Raitila, Jussi Sipoma
Risks Using Open Source • Can we really use open source software as freely as we want in software development? • Are you aware of the risk? • PHP license is incompatible to GPL license source code under PHP license cannot import source code under GPL license and vice versa. • Do we really need to read each of the open source licenses to avoid legal problems? Do we have time for it?
Benefit from OSLC 2.0! • To Identify existing open source licenses • To select OS software for development • To avoid legal problems and law suit • To manage software package with multiple OS licenses • To support decision making for OS software license • Work more efficiently: To save managers’ and engineers’ time from going into details in the source package Managers and engineers do not have to be open source license expert
OSLC 2.0 Features and Demo • Identify license from OS source files/directories/packages • Identifying open source licenses from: • Java, PHP, and C/C++ source files • Linux kernel source files • “LICENCE” files • “COPYING” files • Indicating the license matching confidence against the original license text • Highlighting the matched license text • Displaying source code import references • Link to import files (only in Java) • Displaying the license conflicts • Identifying license exceptions & forbidden phrases • Source file print support • General summary and report on the source files in the package • File filtering in source package based on different criteria. • Support both GUI interface and Command line interface
License Issue and Reference • Under GPL 2.0 license • Released in Sourceforge.net: • www.sourceforge.net/projects/oslc • Marketing material in Groklaw • Industrial companies have high interests in this software • Welcome to • Make suggestions and comments! • Try out our application and spread the word • Join us in further development
OSLC 2.0 Project Final Report Team LC 2.0, March 2007 Jing Jing-Helles, Sakari Kääriäinen, Yuan Yuan, Mika Rajanen, Xie Xiaolei, Lauri Koponen, Veli-Jussi Raitila, Jussi Sipoma
Original Goals Status Realization Business Goals To build a basic tool for analyzing open source software license OK The system is implemented with powerful features and algorithms to support analysis for open source software licenses. Currently we are using different algorithms to identify the license type and 28 open source licenses registered into the application license database. To provide a software with production level of quality (beta release) OK The software is currently released in sourceforge as Beta release. All the OSSI project customers are informed about this software and they are very interested to use it. The application is designed with usability concept in mind OK The system is designed with a user-friendly interface. The usage of the application is very straight forward. Normal user should be able to master it after 30 minutes. Functionality Goals To analyze the license found from files in an open source package OK The software supports license analysis functionality in a single file, directory, and compressed source file packages (zip, jar, tar.gz, tar, and tgz). It also can identify license information from e.g. “License.txt” and “Copying.txt” files. To be easy to integrate with different development environment e.g. CVS Dropped This feature is decided to be dropped off. The decision was affected by additional high priority feature requests from customer. In addition, the project resource availability also slightly affected the decision as we must focus on the higher priority features and drop the low ones. To make positive and negative identification of licenses OK The software identifies licenses based on licenses storied in the database provided by the customer. To offer command line option for making report (filename+ license) OK The software can create license report of a software package in command line. In addition, it is able to identify the file references in the package. To visualize the content of the software package and show file linking relations OK -The summary pane shows the overall information of the software package. -The file reference is shown in the GUI. -It is able to locate to the target reference file in Java. -Identification of the license information and the license conflicts within the package and display it in the GUI Project Goals
Project Schedule and progress • Agile development embracing changes • Iterative development with 2 week sub-iteration development • Frequent delivery and demonstration for customer review and feedback • All development work on schedule with extra features
Jing Yuan Sakari Lauri Mika Xie Veli-Jussi Jussi SUM PP 58 52 78 22 22 22 27 22 303 I1 40 64 46 74 74 64 73 64 499 I2 52 54 46 74 74 64 70 64 498 Total 150 170 170 170 170 150 170 150 1300 Jing Yuan Sakari Lauri Mika Xie Veli-Jussi Jussi SUM PP 50,5 50 68,5 20,3 38 22 21 15 285,3 I1 50,2 77 68,5 71,25 76,5 62,5 103 37 545,95 I2 62,5 51,5 45 98,05 63,5 67,5 38 44,5 470,55 Total 163,2 178,5 182 189,6 178 152 162 96,5 1301,8 Extra Hours 13,2 8,5 12 19,6 8 2 12 -53,5 1,8 Resource Usage Original resource plan Resource Realization (left hours and extra hours) GUI work is complex and time-consuming. • Implementation is more complicated than expected (License recognition algorithm & source file parsing) Additional work spent on project marketing Changes and extra features for application Jussi had to travel abroad for special reasons thus he was not available for some weeks This affected the project task assignment a bit; however we adjust the plan to fit to the new situation.
Project Quality Summary OSLC 2.0 is robust and produces reliable analysis result It is mature enough as a stable release in Sourceforge and for production use.
Functional Area Progress Coverage Quality Comments License matching High 3 Works well Directory processing High 2 Works well Package processing High 2 Improved large package processing Multiple source file support High 2 Java, C++/C, PHP source file support GUI High 2 File filter function added, print support, File history browsing, Help, and About Project Quality Summary Status of main quality metrics: • Test coverage: 100% (test cases cover all the proposed requirements that can be tested) • Development progress: 100% (23 test cases designed and tested for the whole system) • Current quality: 100% (No failed test cases before delivery) • Defects solution: 100% (All found 117 bugs and peer testing found bugs are fixed)
System Architecture • Module structure • checker • binds the other modules together • programming interface for the graphical user interface • filepackage • implementations for each supported package type • file system, jar, zip, tar • package opening and file reading • license • classes that contain license data • license database creation
System Architecture • Module structure • matching • matching algorithm • match result representation • sourceparser • implementations for each supported source file type • Java, C(++), php • comment detection • reference detection • gui • implementation of the graphical user interface
System Architecture • Architecture has been mostly stable • Some changes have been made • events to the gui • indicates package processing status • iterator for file packages • speeds up opening compressed packages • matching • caching of internal data structures • match results filtering • phrases and modules are now subclasses of License • New classes and methods have been added, but major refactoring has not been necessary
Current Achievements • Release in sourceforge: www.sourceforge.net/projects/oslc • Release information in Groklaw (by customer) • Presenting OSLC application in OSSI project meetings • Informing OSSI project customers about our release • Marketing through personal network to OSS companies
Thank You! • Special thanks to our motivated and diligent group members! • Special thanks to our customer Ville and mentor Seppo too! • Questions?