OpenSource Guardrails: License compliance
Khem Raj October 15, 2024 #meta

License compliance is important and can be a show-stopper, so creating good guidelines is an important part of an open-source strategy.
- Use tools to scan open-source codebases used in products to create license maps
- Ensure that the licenses of the various open-source components used together are compatible
- Select tools for software composition analysis to help automate the compliance check process
- Create a document on the various licenses and how they are supposed to be used as part of the overall OSS strategy. It is a living document, which reflects the changes as they happen in the community
- Make license compliance automated as much as possible and part of CI systems
- Create internal communication channels for developer reach-out.
- Maintain a record of open-source license usage
Make it a seamless part of the workflow