OpenLRAE – Opensource Licensing Risk Analysis Engine

OpenLRAE – Opensource Licensing Risk Analysis Engine

Wellcome to OpenLRAE site!

If you are looking for information about OpenLRAE, the Opensource Licensing Risk Analysis Engine, this is the correct place.

What about OpenLRAE?

OpenLRAE is a Licensing Risks Analysis Engine, multiplatform and mutilanguage. It’s a java library that allow knowing the risk induced by the bill of components you have included in your project, the way they are bound, the kind of distribution you’re going to do of your project, and so on.

After decades working in public, private and academic sector, assesing hundreds of platforms from an Opensource perspective I realized that most of the existing tools try to detect the components that have been included in a project and, then, they try to infer their licenses. Only after that (that brings a lots of false positives and a lot of false negatives) a license analysis is done.

This approach part from the point of view that a development team doesn’t know and control the bill of components of their projects, and are not beware of the licensing risks their use imply.

Also, there are lots of potential risks derived from licensing; not only licensing incompatibilities but maintenance risks, risks in bussiness terms, etc.

OpenLRAE approach is that developement teams have to know the bill of components they’re using, their versions, their licenses and all kind of things related to the use of third parties components in their own projects.

With this kind of knowledge, teams are able to use OpenLRAE to get a dashboard of licensing risks that can help them in decission making.

If you are in a hurry

You should download the latest release directly from this site. Also, you can download a bundle containing both, OpenLRAE library as well as all needed dependencies in a single jar file. Choose the best option for your specific case.

If you want to know the features supported by OpenLRAE and, for instance, run a built-in example analysis, you can run the bundle version:

java -jar openlrae-{YouVersion}-with-dependencies.jar

If you are using Maven

Then, you could use OpenLRAE simply putting the following dependency in your pom.xml (since OpenLRAE v0.3).

<dependency>
  <groupId>com.manolodominguez</groupId>
  <artifactId>openlrae</artifactId>
  <version>1.2</version>
</dependency>

Is there a manual?

Yes, you will find it visiting the Project repository in GitHub.