Open source projects can follow a few best practices that make it easier for integrators to use them in a product with confidence and to comply with open source obligations.

Following the guidelines below lets tools automate the handling of license compliance information, which reduces a lot of manual effort and improves license compliance. Handling and communicating license info is a sign of project maturity and makes downstream use easier.

Other best practices for sustainable projects have been documented at: https://bestpractices.coreinfrastructure.org. By getting a CII Best Practices badge, projects are able to demonstrate their maturity, and guide others in finding key data in the areas of change control, issue reporting, code quality, and security practices.

Resources


Project Licensing
All projects should have a license associated with them. Guidance on how to find a license that matches your needs can be found at https://choosealicense.com/licenses/. Information on how to structure a project so the licensing information can be found is at: https://reuse.software/


Source File Licensing
Files move between projects. It is recommended that each source file document the license that applies to the file. Guidance on a lightweight way to document the license that applies can be found at: https://spdx.org/ids.
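
As an added example (not part of the original page or of any project's tooling), the following sketch shows the kind of automated check that per-file license tags make possible: it walks a source tree and reports which files carry an `SPDX-License-Identifier:` tag in their header. The suffix list, the 10-line header window, and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Tag format described at https://spdx.org/ids, placed in a comment near the top.
SPDX_TAG = re.compile(r"SPDX-License-Identifier:\s*(.+)")
# Assumptions: which suffixes count as source, and how many header lines to read.
SOURCE_SUFFIXES = {".c", ".h", ".py", ".sh", ".js", ".go", ".rs"}
HEADER_LINES = 10

def find_spdx_id(text):
    """Return the SPDX license expression declared in the file header, or None."""
    for line in text.splitlines()[:HEADER_LINES]:
        match = SPDX_TAG.search(line)
        if match:
            # Drop trailing comment closers such as "*/" or "-->".
            return match.group(1).strip().rstrip("*/->").strip() or None
    return None

def scan_tree(root):
    """Map each source file under root (relative path) to its SPDX id or None."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix in SOURCE_SUFFIXES:
            text = path.read_text(encoding="utf-8", errors="replace")
            report[path.relative_to(root).as_posix()] = find_spdx_id(text)
    return report

# Constructed sample project: two tagged files and one file copied in without a tag.
SAMPLES = {
    "src/main.c": "/* SPDX-License-Identifier: GPL-2.0-only */\nint main(void) { return 0; }\n",
    "tools/gen.py": "#!/usr/bin/env python3\n# SPDX-License-Identifier: Apache-2.0 OR MIT\nprint('x')\n",
    "vendor/util.js": "// copied from another project, no license tag\nfunction f() {}\n",
}

def demo():
    """Write the constructed samples to a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in SAMPLES.items():
            target = Path(tmp) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_tree(tmp)

if __name__ == "__main__":
    for rel, spdx in demo().items():
        print(f"{rel}: {spdx or 'MISSING SPDX-License-Identifier'}")
```

A check like this can run in CI so that files arriving from other projects without a license tag are flagged before they are merged.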