Personal tools
You are here: Home Open Source Compliance Verification
nrcfoss logo aukbc cdac iit mumbai iit madras ow2 iosn flosscc
india.gov.in
Digital India
 

Verification

Verification concerns the independent assurance steps taken by the OSS compliance team to confirm that OSS obligations have been properly met.

 

1. The compliance team performs verification activities according to a
   defined procedure.
2. The compliance team verifies that source code license obligations have
   been met by the time a product is considered ready for release.
   a)The compliance team verifies that any offers of source code have been
   included as required.
   b)The compliance team verifies that source code is placed in a distribution
   staging area for each OSS package included in a product readied for release
   and that a satisfactory distribution mechanism exists for any source code that
   must be made available.
   c)The compliance team verifies that source code to be made available
   corresponds exactly to the binaries in the product.
   d)The compliance team verifies that source code can be built outside the
   organization’s build environment.
3. The compliance team verifies that copyright notices, attribution notices,
   license text, and any modification logs have been included accurately.
4. The compliance team verifies that OSRB approval has been obtained for
   all OSS packages in the release.
5. The compliance team verifies that third party suppliers have made full
   and accurate disclosure of open source included in their deliverables and
   that these suppliers have satisfied their obligations under the OSS licenses.
6. The compliance team verifies that open source can be obtained via the
   defined distribution mechanism and that the source code thus obtained
   can be built in an independent environment.


Document Actions