Protecode System 4 Helps Managing Software Package Data Exchange (SPDX) Files
Some days ago, I posted a presentation about SPDX (Software Portable Data Exchange), a new standard file format to share open source licenses. This took place at the Linux Embedded Linux Conference, mid- February 2012 and the presenter said SPDX was still in its infancy, nobody formally adopted it and current tools would take input from an excel file and convert it into an XML/RDF SPDX file.
However, Protecode, a company specialized in open source license management solutions, has already a management suite called Protecode System 4 that can handle SPDX format among other things.
Here’s how the company describes Protecode System 4:
Protecode System 4 is a complete license management solution for all stages of the software development process. Protecode System 4 enables users to manage open source and third party license compliance by providing a list of all open source components that exist in a software product along with a list of associated licenses, copyrights, and other software attributes. Protecode System 4 then produces a report which provides actions for users to fulfill license obligations and achieve compliance.
SPDX format support is a new capability in the latest release of Protecode System 4 (Version 4.5) and includes full integration of the Software Package Data Exchange (SPDX) standard, with the ability to detect, read and interpret SPDX files in a software package. The latest release also features improved productivity tools such as complex search capabilities, automated license text creation for software distribution, new reporting options, and the ability to add client’s proprietary software to the reference database.
Protecode System 4 consists of 5 tools:
- Enterprise Analyzer (EA) analyzes all code in any directory and compares identified licensing and copyright attributes against established licensing policies of the enterprise.
- Code Administrator (CA) provides a step-by-step web-based workflow solution to record requests for open source software, analysis, and approval of software packages.
- Developer Assistant (DA) scans and identifies licensing and copyright information in real-time, as soon as a new file is detected in a defined project area.
- Library Auditor (LA) analyzes any code that is committed to a specified branch of the organization’s Source Control Management (SCM) repository.
- Build Analyzer (BA) analyzes only those files consumed during a build operation, including source files that are compiled into the final code, or object files that are linked by the core software application.
The company can also provide their IP Analysis Core Engine (IPACE) software development kit (SDK) for integration into existing IP management workflow solutions of their clients.
You can watch the video below for an overview the Protecode System and see how it can help you manage open source license more easily and find potential non-compliances. The video is from May 2011 and the Code Administrator tool is missing from the presentation, but I believe this video still gives a proper overview of the system.