https://github.com/tamada/lioss
License Identification tool for OSS.
https://github.com/tamada/lioss
golang licenses oss
Last synced: 3 months ago
JSON representation
License Identification tool for OSS.
- Host: GitHub
- URL: https://github.com/tamada/lioss
- Owner: tamada
- License: mit
- Created: 2019-12-06T03:22:25.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2020-10-31T12:35:44.000Z (over 4 years ago)
- Last Synced: 2024-06-21T01:44:44.302Z (12 months ago)
- Topics: golang, licenses, oss
- Language: Go
- Homepage: https://tamada.github.io/lioss
- Size: 246 MB
- Stars: 0
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://github.com/tamada/lioss/actions?workflow=build)
[](https://coveralls.io/github/tamada/lioss?branch=master)
[](https://codebeat.co/projects/github-com-tamada-lioss-master)
[](https://goreportcard.com/report/github.com/tamada/lioss)
[](https://github.com/tamada/lioss/blob/master/LICENSE)
[](https://github.com/tamada/lioss/releases/tag/v1.0.0)
# lioss
License Identification tool for OSS project.
## :speaking_head: Overview
Generally, OSS projects have licenses.
The licenses grant permissions to users for using, modifying, and sharing the software.
The users of the software must follow the terms shown in the licenses.
On the other hand, today's software generally has some dependencies.
Additionally, dependant software has some dependencies, too.
Therefore, the dependant graph of the OSS becomes complex.
In such a situation, it is a quite tough task for checking the conflicts among licenses.
The first problem is to detect a conflict between two given licenses.
The second problem is to identify the license of a project.
`lioss` tries to solve the above second problem by identifying the license of the given project.
SPDX is trying to automatically identify licenses, however, it is hard to say that it became common sense.
This project detects the OSS licenses from the LICENSE files of the given projects.
Then, we aim to detect conflicts by identifying OSS licenses from the license files of dependent libraries.
## Usage
### `lioss`
Identifies license name from file and/or project directories.
```
lioss version 1.0.0
lioss [OPTIONS]
OPTIONS
--dbpath specifying database path.
-a, --algorithm specifies algorithm. Default is 5gram.
Available values are: kgram, wordfreq, and tfidf.
-t, --threshold specifies threshold of the similarities of license files.
Each algorithm has default value. Default value is 0.75.
-h, --help print this message.
PROJECTS
project directories, archive files (jar, and zip) contains LICENSE file, and/or LICENSE file.
```
### `mkliossdb`
Creates the database of lioss from License documents.
```
mkliossdb [OPTIONS]
OPTIONS
-d, --dest specifies the destination file path. Default is 'liossdb.json'
-h, --help print this message.
LICENSE
specifies license files.
```
## Install
### Go-lang
```
$ go get github.com/tamada/lioss
```
### :beer: Homebrew
```
$ brew tap tamada/brew
$ brew install lioss
```
### :muscle: Compiling yourself
```sh
$ git clone github.com/tamada/lioss
$ cd lioss
$ make
```
## References
* [dmgerman/ninka](https://github.com/dmgerman/ninka)
* Daniel M. German, Yuki Manabe and Katsuro Inoue. A sentence-matching method for automatic license identification of source code files. In 25nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2010).
* This product identifies the license of each source file.
However, it does not work on my environment.
* [pivotal/LicenseFinder](https://github.com/pivotal/LicenseFinder)
* This product finds dependencies from build file, and find license.
* [SPDX](https://spdx.org) (Software Package Data Exchange).
*