Free and Open Source Software (FOSS) promotes software reuse and distribution at different levels for both creator and users, but at the same time imposes some challenges in terms of FOSS licenses that can be selected and combined. The main problem linked to this selection is the presence of a large set of licenses that define different rights and obligations in software use. The problem becomes more evident in cases of complex combinations of software that carries different - often conflicting - licenses. In this paper we are presenting our work on automating license compatibility by proposing a process that examines the structure of Software Package Data Exchange (SPDX) for license compatibility issues assisting in their correct use and combination. We are offering the possibility to detect license violations in existing software projects and make suggestions on appropriate combinations of different software packages. We are also elaborating on the complexity and ambiguity of licensing detection in software products through representative case studies. Our work constitutes a useful process towards automating the analysis of software systems in terms of license use and compatibilities.

• 出版日期2017-9