Open Source Compliance Publications

​Practical GPL Compliance

  • A 50+ page guide for startups, small businesses, and engineers tasked with shipping products that contain GNU General Public License Version 2 (GPLv2) code.​
  • Authors: Armijn Hemel, MSc, and Shane Coughlan​​

Open Source Compliance in the Enterprise

  • A 149-page practical guide for organizations on how best to use open source code in products and services, and participate in open source communities, in a legal and responsible way.
  • Author: Ibrahim Haddad, PhD

Free and Open Source Software Compliance: The Basics You Must Know

  • This paper provides basic discussion on the changing business environment moving to a multi-source development model, the objectives of compliance and the benefits resulting from having a successful compliance program and much more.
  • Author: Ibrahim Haddad (Ph.D.), The Linux Foundation

Free and Open Source Software Compliance: Who Does What

  • Ever since companies started integrating FOSS in their products, there has been the need to ensure compliance with applicable FOSS licenses. Different companies have used various ways to structure their teams responsible for fulfilling this function. Other companies have opted for a cross functional team that consists of a dedicated Open Source Compliance Officer who has access to various individuals and teams that contribute to the compliance effort without being part of a centralized team. In this paper, we examine the latter model of FOSS compliance team and discuss the roles and responsibilities of individuals and teams involved in the compliance process.
  • ​Author: Ibrahim Haddad (Ph.D.), The Linux Foundation

Establishing Free and Open Source Software Compliance Programs: Challenges and Solutions

  • ​This white paper focuses on the practical aspects of ensuring free and open source software (FOSS) compliance in the enterprise.
  • Author: Ibrahim Haddad (Ph.D.), The Linux Foundation

Keys to Managing a FOSS Compliance Program

  • This paper examines the managerial practices needed to plan, coordinate, and control a successful compliance program.
  • Author: Philip Koltun (Ph.D.), The Linux Foundation

A Five Step Compliance Process for FOSS Identification and Review

  • This white paper  focuses on the various practical aspects of ensuring free and open source software (FOSS) compliance in the enterprise. This paper provides an example of a compliance process for FOSS identification and review that consists of five steps. The focus of the paper is around using and integrating FOSS with proprietary and third party source code in a commercial product.
  • ​Author: Ibrahim Haddad (Ph.D.), The Linux Foundation

Achieving FOSS Compliance in the Enterprise

  • ​This white paper  focuses on the various practical aspects of ensuring free and open source software (FOSS) compliance in the enterprise. This paper examines a sample end-to- end compliance process.
  • Author: Ibrahim Haddad (Ph.D.), The Linux Foundation

FOSS Compliance Practices for Supplied Software

  • This white paper examines compliance practices needed when software supplied by a third party vendor is brought into the code baseline of a product to be distributed externally. The white paper discusses requirements a company should impose upon its suppliers to disclose FOSS in their deliverables and to provide what’s needed to achieve compliance. The paper also discusses steps a company should take to review and validate the FOSS disclosures made by its suppliers. In addition to those topics, the white paper addresses measures a company can undertake to assess its suppliers’ compliance capabilities.
  • Author: Philip Koltun (Ph.D.), The Linux Foundation