harmony 鸿蒙OpenHarmony Open-Source Compliance Policy

2023-10-30
浏览 (375)

OpenHarmony Open-Source Compliance Policy

Purpose

The policy defined in this document enables the OpenHarmony community to comply with the license terms and values of open-source software and respect third-party intellectual property rights while benefiting from the use of these open-source software. This document provides a common framework for open-source software compliance for the OpenHarmony community, with the goal of ensuring license compliance. It also improves the open-source compliance governance capability of OpenHarmony based on the best practices in the industry, helping community members understand how to use open-source software and contribute to the community.

Scope

This document applies to all contributors to the OpenHarmony community, including the code repositories under OpenHarmony and those under OpenHarmony-SIG.

Improvements and Revisions

This document is drafted and maintained by the Compliance SIG. What you are reading now is the latest version of this document.
Any addition, modification, or deletion of the specifications mentioned in this document can be traced.
The PMC reviews and finalizes the specifications after thorough discussion in the community.

Terms and Abbreviations

[Open-Source Compliance Terms and Abbreviations]()

Phase-specific Compliance Policy

Introduction Phase

License Usage and Review Specifications of Open-Source Software

Introduction and Exit Specifications of Open-Source Software

Introducing Open-Source Software

Development Phase

License, Copyright, and Metadata Compliance Specifications

License and Copyright Specifications
[SPDX Information Declaration Specifications]()
Specifications for README.OpenSource

Gated Check-In Compliance Specifications

Specifications for Participation in Upstream Communities

Best Practices and Suggestions for Contributions to Upstream Open-Source Projects

Release Phase

Open-Source Obligation Fulfillment

Management Policy for Open-Source Compliance Artifacts

Software Bill of Material (SBOM) Specifications

[SBOM Generation and Delivery Description]()
[SBOM Review and Problem Handling Rules]()

Open-Source Compliance Requirements for Community Version Release and SIG Incubation Graduation

Binary Compliance Specifications

[Binary Compliance Specifications]()

Open-Source Compliance Issue Management Process

Open-Source Compliance Roles and Responsibilities

Open-Source Compliance Role and Capability Requirements

Open-Source Compliance Training Resources and Requirements

Open-Source Compliance Training Plan

Consequences of Incompliance

It is important to comply with this policy. Failure to do so may result in: - Claims raised by copyright holders or intellectual property holders for the code you use - Claims raised by the recipient of the code - Inadvertently releasing code that is not supposed to be released - Fines caused by violation of regulatory obligations - Loss of reputation - Fund loss - Breach of contracts

Any individual who violates this policy may be subject to disciplinary actions.