FLOSS License Compliance
Introduction to Open Source License Compliance with Yocto
One of the issues the Yocto Project and OE-Core have attempted to help solve is the proliferation of embedded devices that violate various FLOSS licensing. Our licensing system, discussed below, is but a part of that overall effort. This document will discuss the various ways to help avoid a compliance violation both through use of the tools that Yocto provides as well as give some tips and hints on good release practices when developing your embedded device. This document should not to be construed as legal advice. For further information on FLOSS compliance, you should contact an attorney.
History of License Compliance
During the initial phase of license compliance with Yocto, one of the goals was to look at it through the eyes of both the end user, legal and license compliance enforcement agencies. With this in mind, Yocto license compliance currently falls into a number of feature groups.
-- License sanity checks -- Image manifests -- Blacklists/Whitelists -- Copyleft source archives.
These feature groups help an embedded developer know that the license the upstream provider includes in the tarball has not changed, give them detailed information about what an image contains, give them very fine grained control over what licenses are and are not allowed on the image and assist the developer in producing a source archive with all necessary source. This functionality is fairly simple to implement however, it is up to the developer to maintain good release practices in order to avoid a license violation.