Skip to main content

This page not only lists frequently asked questions but also interesting questions

  • License Handling
  • Installation
  • FOSSology’s Capabilities

License Handling

Question: Are acknowledgements handled in FOSSology?

Answer: They can be added to a license conclusion and will be put into the Readme generation and the unified report document.

Question: I select “No License Known” and click on “Submit”, but after the selected radio button control is at “Identified”, why?

Answer: It may be confusing at first hand, but submitting a “No License Known” will result in: a) disabling all scanner results (hence the line with a license should switch to red), and b) the clearing result is set to “Identified”. Technically, we would like to have all results “identified”, either with disabled license entries, or , if no license is known, no license enabled.

Question: I can issue a bulk scan, but nothing happens?

Answer: Most likely a license was selected but not added to the list of licenses for addition or removal. For this, the plus or minus sign must be clicked respectively. Selecting a license “FSF” and clicking a plus sign results in a setting for the bulk scan that FSF will be added – before only the menu selection was sufficient.

Question: I added a custom license text in the single file view license browser and suddenly a new license name appears, what happened?

Answer: Fossology checks for texts in license database and has found a license entry that has actually the 100% matching text.

Question: In the license browser main view, at the top level of an upload, I sometimes see differences between the scanner count of a license and list of files selected by the filter of the same license. Is something wrong?

Answer: No. The scanner scans each file once. However, the same file can be present in the upload several times. For example: The scanner count is 27 unique files, but the actual count of files is 43, meaning that 16 files are duplicates. Some of the affected files appear just several times in the file tree then.

Question: How does the ” clearing decision scope” work?

Answer: Based on a hash computation of the file contents, FOSSology will determine a future occurrence of the same file. Then, if  the same file is part of a subsequent upload, this clearing decision will apply there as well.  Consider that this decision will impact also upload of other users. It should be checked with much care.

Question: If any unified report has to be discarded and needs a new report  – how to do it?

Answer: Just select the upload and choose again the action “Unified Report”.

Question: Can we mark a folder as nonfunctional? like DOC , BUILD folders?

Answer: Maybe => Clearing decision type: Irrelevant, On folder level, this can be selected in the license browser view for each folder at the end of each row by clicking “Edit”.

Question: How do we replace the license by NOMOS text with actual license text during clearing itself?

Answer: For each license row in the clearing decisions table, a custom license text can be added by clicking into the cell.

Question: What is the difference between edit and bulk in the license browser hierarchy view?

Answer: Bulk considers a text phrase and edit does not. Edit does flatly set all files in the folder.

Question: What is the difference between “irrelevant” and “no license known”?

Answer: (Look at the tool tips) “No license known”: Even after review, no license relevant information can be determined and “Irrelevant”: There is license relevant information, but this is not relevant information for the clearing of this file (for example, files that are not used at all and also not distributed)

Question: In the list view of uploads, how do I add a comment to an upload?

Answer: Double click into the referring cell.

Installation

Question: How do I change my password?

Answer: Go to menu “Admin”, select sub menu “Users”, select sub menu item “Edit user account”.

Question: My uploads are not visible by others, why?

Answer: The uploads are visible per group, mostly depending on the visibility settings at upload. For each user also a per-user group is created (similar to unix / posix file systems with groups based access model). If you have selected your per-user group, where you are the only member, only you can see your uploads, clearing decisions, etc. In order to share your activities with others, please make sure that your main working group is selected. Or, at upload you can select another visibility level for this uploaded file.

Question: I have installed from source, but cannot reach the FOSSology application under port 8081, what is wrong?

Answer: At source install, the Apache Web server is installed on the host machine (the machine also FOSSology is installed on) and thus it needs to be called on the host, which is usually at port 80.

Port 8081 is in use for docker and vagrant installations. In this installation FOSSology runs as guest in a virtualised environmet. For these environments,  port 80 of the Apache Web server in the guest machine is mapped to port 8081 on the host, so it will not interfere with any deployed http services on port 80 on the host machine.

Question: Sometimes the speed is very slow. It took 10 minutes to generate the report?

Answer: Because, jobs can be scheduled only at the number of available cores, subsequent jobs are in the queue. Normally, the generation of report generation will happen after some time.

FOSSology’s Capabilities

Question: Does this tool detect GPL violations in commercial software?

Answer: There are a *lot* of clauses in the GPL, and the clauses where FOSSology
helps with compliance are, admittedly, not the ones that are most often
violated today. For example, if you have a binary that may have GPL’d code
in it (i.e., a straight-up GPLv2§3 / GPLv3§6 violation): FOSSology cannot
determine the libraries used for creating the binary; you need a
binary analysis tool. (For example, just use ‘binwalk’ and ‘strings’ for
that situation.)

More generally, working backwards from a known-violating binary,
FOSSology can’t *directly* help you figure out the proper complete,
Corresponding Source (CCS) that is needed to resolve that violation. CCS
release construction, particularly when done in a post hoc fashion, is
something only a human can do. But FOSSology assists in those situations.

For example, FOSSology will do an excellent job finding what are called
“license incompatibility violations”, such as when you have a code base that
has combined code that says “non-commercial-use only” with GPL’d software.

FOSSology can be also used to compare the licensing information from the
public upstream project with the sources provided, to be sure that license
notices have not been surreptitiously modified.