Compliance is one of the biggest challenges companies face when they choose to use open source in their products and services. Failing to comply could lead to violations and legal actions.
“There are numerous open source compliance tooling projects but the majority are unfunded and have limited scope to build out robust usability or advanced features,” said Kate Stewart, Senior Director of Strategic Programs at The Linux Foundation.
To solve this problem, the Linux Foundation has launched the new Automated Compliance Tooling (ACT) project. With the new project, the Foundation aims to consolidate investment in and increase interoperability and usability of, open source compliance tooling to help organizations manage compliance obligations.
“We have also heard from many organizations that the tools that do exist do not meet their current needs. Forming a neutral body under The Linux Foundation to work on these issues will allow us to increase funding and support for the compliance tooling development community,” Stewart added.
The four projects that will become part of ACT are FOSSology, QMSTR, SPDX Tools and Tern.
Swapnil Bhartiya contributed to this story.