For many new open source software project communities, licensing may at first take a back seat to the project’s technical goals, design and architecture considerations, and community involvement. But as a project grows and sees greater adoption, it will eventually encounter questions about license compliance. Getting license compliance right early on in a project can help the project attract contributors and users. Too often projects never reach their full potential because someone looked at the licensing, found issues and moved on to alternatives.
This paper describes the benefits of license scanning and compliance for open source projects, together with recommendations for how to incorporate scanning and compliance into a new or existing project. It does not address specific requirements under different types of licenses (for example, what is required to comply with a copyleft or permissive license). Rather, the paper addresses how to structure a project so that it, and its downstream consumers, can gain the information needed so that they are able to meet those requirements.