AboutCode


The AboutCode Project is a simple idea to keep software provenance data close to the code.

The AboutCode and ABOUT files provide a simple way to document the provenance (origin and license) and other important or interesting information about third-party software components that you use in your project. The ABOUT tool helps with the following problems that you quickly encounter after you complete a baseline analysis of the open source components in your product:

  • Software developers need a practical way to access and update license and related information for software components
  • Companies need a practical way to comply with open source requirements – primarily attribution and, if necessary, source code redistribution

An ABOUT file is a small text file stored in the codebase side-by-side with the software component file or archive that it documents. To learn more or to contribute, visit our project on GitHub at or visit our AboutCode.org website.

SPDX


SPDX logo

The Software Package Data Exchange (SPDX) specification is a standard format for communicating the components, licenses and copyrights associated with a software package. We are co-founders of this working group from the Linux Foundation.

The aim of SPDX is to reduce redundant work by providing a common format for companies and communities to share information across the upply chain, thereby streamlining and improving compliance.

Open Source Community




Linux Foundation


Why is open source so valuable? A majority of the source code in modern software product is now commonly derived from open source code.

Open source software code is included with the compiled version and modification or customization is actually encouraged. The software developers who support the open source concept believe that by allowing anyone who is interested to modify the source code, the application will be more useful and error-free over the long term. For more information on Open Source, visit the following links: