Sorrel: an IDE Plugin for Managing Licenses and Detecting License Incompatibilities

@article{Pogrebnoy2021SorrelAI,
  title={Sorrel: an IDE Plugin for Managing Licenses and Detecting License Incompatibilities},
  author={Dmitry Pogrebnoy and Ivan Kuznetsov and Yaroslav Golubev and Vladislav Tankov and Timofey Bryksin},
  journal={2021 IEEE International Conference on Software Maintenance and Evolution (ICSME)},
  year={2021},
  pages={574-578}
}
Software development is a complex process that includes many different tasks besides just writing code. One of the aspects of software engineering is selecting and managing licenses for the given project. In this paper, we present SORREL, a plugin for managing licenses and detecting potential incompatibilities for IntelliJ IDEA, a popular Java IDE. The plugin scans the project in search of information about the project license and the licenses of its libraries. If the project does not yet have a…

The IntelliJ Platform: A Framework for Building Plugins and Mining Software Data

The main capabilities of the IntelliJ Platform that could be useful for researchers that are developing code analysis tools and several use cases that researchers might be interested in are described.

License Incompatibilities in Software Ecosystems

It is not too unlikely that applications that are reusing packages from PyPI or Maven are confronted with license incompatibilities that could mean that applications would have to be open-sourced on distribution (PyPI) or as soon as they are publicly available as web-applications (Maven).

References

A Study of Potential Code Borrowing and License Violations in Java Projects on GitHub

An extensive corpus of popular Java projects from GitHub is compiled, an original analysis of possible code borrowing and license violations on the level of code fragments is performed, and it is discovered that 29.6% of blocks of code might be involved in potential code borrowing and 9.4% could potentially violate original licenses.

Sourcerer's Apprentice and the study of code snippet migration

The Sourcerer's Apprentice is put to work on empirical studies that demonstrate there is much sharing between StackOverflow code and Python modules and Python documentation that violates the licensing of the original Python module and documentation.

A sentence-matching method for automatic license identification of source code files

An evaluation that shows that Ninka outperforms other methods of license identification in precision and speed and an empirical study on 0.8 million source code files of Debian that highlight interesting facts about the manner in which licenses are used by FOSS.

Understanding and Auditing the Licensing of Open Source Software Distributions

A method to understand licensing compatibility issues in software packages is proposed, and an empirical study aimed at auditing licensing issues in binary packages of the Fedora-12 GNU/Linux distribution is reported.

Do Software Developers Understand Open Source Licenses?

Although developers clearly understood cases involving one license, they struggled when multiple licenses were involved and a need for tool support to help guide developers in understanding this critical information attached to software components is indicated.

Sampling Projects in GitHub for MSR Studies

GHS (GitHub Search) is a dataset containing 25 characteristics of 735,669 repositories written in 10 programming languages, derived by looking for frequently used project selection criteria in MSR studies. The dataset is continuously updated to always provide fresh data about the existing projects and to increase the number of indexed projects.

An Empirical Study of License Violations in Open Source Projects

Through an analysis of 1423 projects, consisting of approximately 69 million non-blank lines of code from Google Code project hosting, it is hypothesized that a large degree of code reuse within the OSS community poses similar threats too.

A Large Scale Study of License Usage on GitHub

Christopher Vendome, Computer Science, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, 2015

A large empirical study conducted over the change history of 16,221 open source Java projects mined from GitHub investigates how licensing usage and adoption changes over a period of ten years.

Knowledge Reuse in Open Source Software: An Exploratory Study of 15 Open Source Projects

It is found that the effort to search, integrate and maintain external knowledge influences the form of knowledge to be reused and implications for firms and innovation research are discussed.

SPDX License List