Skip to content

Latest commit

 

History

History
136 lines (105 loc) · 8.05 KB

README.md

File metadata and controls

136 lines (105 loc) · 8.05 KB

{metæffekt}-universe

Project providing insights on the {metæffekt} license database covering

  • 2565 modeled license terms,
  • 180 exceptions,
  • 5 modifiers
  • 2 restrictions
  • 249 specific and commonly used license expressions, and
  • 53 consolidated markers.

as of 20th November 2024.

The following links provide letter-specific overviews on the license information:

3 - 4 - a - b - c - d - e - f - g - h - i - j - k - l - m - n - o - p - q - r - s - t - u - v - w - x - y - z

The yaml files within the subfolders show metadata on the individual licenses and exceptions. The files also contain alternative names that support the normalization of licenses and exceptions.

Why yet another list of licenses and exceptions?

{metæffekt} follows a defined strategy for analyzing, scanning and documenting software projects. To do this, a consistent information/data baseline is required. This baseline must cover the different license types that are used by the software stacks being examined.

OSI, SPDX and the ScanCode Toolkit provide a good representation of licenses and exceptions in the FOSS domain. However, the license identification and matching strategies are not fully compatible with the level of granularity and paradigms set forth by {metæffekt}. Second, the data does not cover publicly available commercial licenses (at least not to the extent required).

This is why {metæffekt} choose to create an overarching database of licenses, references, exceptions, and expressions; the {metæffekt}-universe.

Is {metæffekt} handing back to the FOSS Compliance Community?

Sure. We intend to provide those parts of our {metæffekt}-universe to the community, which we are allowed to share.

The only issue is time and resources. {metæffekt} is a self-financed company that makes a living from customer projects. With our limited time and resources we have to be very focused. We are ready to do community work, once we see that there is an interest in our results.

So if you see that this material can be useful to you or ease your work, let us know. We are looking forward to intensify our community engagement or to start off new projects.

Disclaimer

This is all work in progress and subject to continuous improvement. In particular, ScanCode identifications and ScanCode matching is used to validate the dataset and synchronize the different sources.

Please note that the {metæffekt}-universe as displayed in this repository is a converted, reduced dataset from a more extensive internal representation. The internal representation models licenses explicitly and is used for deterministic license matching based on evidences and patterns.

The internal representation (and therefore the content shown here) is based on SPDX and ScanCode.

All company names, organization names, license names, and product names mentioned in this documentation are used for identification purposes only.

Licensing

The content provided in {metæffekt}-universe is licensed under Creative Commons BY-4.0.

Copyright © metaeffekt GmbH 2021-2024. All rights reserved.

Contribution

As this repository is largely showing converted data. A direct contribution in the form of patches is not appropriate. You may create issues on Github or send requests for corrections or questions to contact@metaeffekt.com. Modifications will then be applied to the internal dataset to produce the corrected outputs.

Further information

{metæffekt} provides visualization of the {metæffekt}-universe on https://metaeffekt.com/#universe.

Currently, ScanCode version 32.1.2 is used. The version has not been fully processed, yet. Updates pending.

Non-approved OSI status information is not yet complete; more details is added incrementally. Please note in this context, that all OSI status details except approved convey unofficial information collected from mailing lists and other public available OSI-centric sources and are subject to interpretation. In the perspective of risk-based license assessment and evaluating OSI compliance of software, the information is yet considered useful to indicate potential issues.

The following table summarizes and details the OSI status values:

OSI Status Value Description Official OSI Status
not submitted The license appears on the non-approved licenses as [not submitted]. no
submitted The license has been submitted or at least requested, but has not yet been further processed. no
pending The license is in discussion / review. No decision is available yet. no
approved The license was officially approved by OSI. yes
withdrawn The license was withdrawn by the submitter (i.e. the license stuart). no
rejected The license was rejected by OSI. The license is either not a valid license or does not conform to the OSI Open Source Definition. no
ineligible The terms are not considered a (software) license or show obvious conditions adverse to the OSI Open Source Definition. no
unclear Information from OSI mailing lists and wiki content do not convey sufficient results. Links broken. no

Regarding SPDX the latest version from https://github.com/spdx/license-list-data main branch is used to synchronize the {metæffekt}-universe.