The Compliance Use Research On Open Source Software Licenses Based On SPDX License List

Open source software nowadays has become an important trend for software technology innovation and software industry development.Modern software systems are increasingly dependent on open source software.With the promotion of open-source software,open-source software license has also received widespread attention.Opensource software license can protect the intellectual rights and regulate the use of opensource software to promote the healthy development of the open-source industry.However,the diversities between licenses increase the occurrence of developers misunderstanding the license terms and conditions,thereby increasing the risk of illegal use of open-source licenses.How open-source participants can correctly use open-source software licenses in their development to ensure the efficient and reasonable use of the collaborative results of community groups is still an urgent issue to be solved.The open-source software license can be regarded as a legal text to manage and regulate the use,copy,and distribution of open-source software.The compliant use of open-source software licenses means that developers comply with the terms and conditions of open-source software licenses to correctly use,distribute or combine opensource codes licensed by different licenses to help developers avoid legal problems or reputational risk if they violate the terms of open-source licenses.The licenses of SPDX License List are used as datasets.Based on the above considerations,this paper focuses on the following three aspects to guide developers to use open-source licenses in compliance.A correct understanding of terms of open-source license is prerequisite for the compliant use of licenses.In order to better understand the license terms,we conduct research from two aspects:(1)We create a license framework by manually analyzing the characteristics and commonalities between common open-source licenses,which can help developers sort out the open-source license structure.At the same time,we apply the framework to the research and development of Mulan series licenses.Then,we further complete the license modeling,and extract more fine-grained license dimensions to express and distinguish arbitrary open-source license terms.(2)Based on the results of license modeling,this paper combines the topic model to propose a method of automatically extracting license terms to help developers quickly understand the terms and conditions contained in the licenses.Finally,we verified and analyzed the model on the license dataset we built,and proved the effectiveness of our method.Clarifying the compatibility relationship between licenses is the key to compliant use of licenses.License compatibility refers to the issue of multiple source code under different licenses in open source software development,whether the terms of those licenses contain conflicting terms,and whether the source code can be combined into new software.Any combination open-source components with incompatible licenses will result in license violations.This paper uses the existing public knowledge to combing the compatibility relationship between different types of licenses,and combines the compatibility discrimination algorithm to develop a compatibility discrimination tool,to guide developers in the correct combination of source codes.Recommending appropriate open-source licenses can provide guarantee for developers to use licenses in compliance.Based on the above results,and the great success of the recommendation algorithm research.We further complete the research of the hybrid recommendation algorithm from the perspective of license text content and similar projects.Finally,the recommendation results were cross-validated and evaluated with the participation of multiple professionals.Experimental results demonstrate that our approach can achieve satisfactory solution for licenses recommendation.In summary,this paper studies the compliant use of open-source licenses from multiple perspectives,combines theoretical research with practical application research and development,to help developers avoid legal risks caused by illegal use of licenses.