Package Review as a Part of Free and Open Source Software Compliance

Martin von Willebrand, Mikko-Pekka Partanen


Free and open source software (“FOSS”) package review is an essential part of license compliance when businesses take into use FOSS. This article discusses the practical process of package review and the legal questions that arise and conclusions that can be made. Furthermore this article presents the process and a number of legal conclusions applied by Validos ry, an association for performing package review and sharing its results. The purpose of presenting a particular process is to share and improve the applied methodology with a long-term vision of unifying the expectations for package review and license appraisal, thus contributing to the ease of taking into use of FOSS by businesses. 

Full Text: