Fork me on GitHub

A new community website dedicated to sharing information and solutions for automated compliance with open source license requirements


A simple idea to keep software provenance data close to the code

AboutCode and ABOUT files provide a simple way to document the provenance (origin and license) and other important or interesting information about third-party software components that you use in your project.

The tool is a command line based utility written in Python, released under Apache 2.0, and is available on GitHub.

AboutCode helps automate OSS compliance that is needed throughout the software lifecycle.

Who are we?

The website is hosted by nexB. We are the creators of DejaCode Enterprise which provides a central business system for software component tracking and reporting.

Our mission is to provide the tools and services that enable and accelerate component-based software development. Reusing software components is essential for the efficient delivery of software products and systems in every industry.

We also offer professional services to help companies actively identify and manage their software assets, including provenance analysis of open source and other third-party software components.


What we are building

nexB is sponsoring a new community website to foster development and sharing of practical techniques and tools that software development teams can use to document the provenance of open source components.

This initiative is not a replacement for the techniques and tools needed to determine the provenance (origin and license) of software components. Rather we are attacking two problems that you quickly encounter after you complete a baseline analysis of the open source components in your product:

  1. Software developers need a practical way to access and update license and related information for software components
  2. Companies need a practical way to comply with open source requirements – primarily attribution and, if necessary, source code redistribution

The website will offer forums for sharing information and host open source projects to develop compliance automation tools. The core idea is to add software component metadata in text files in your codebase and then extract that data for compliance purposes. This approach is simple and adaptable to any software development environment.

We are starting with documentation of how some organizations currently automate compliance with open source license obligations.

To stay on top of what's happening with enter your email address below

comments powered by Disqus