Welcome to the Software Licence Analysis (SLA) service. This page provides essential information about the service including prerequisites, what it covers, the steps involved, how to apply and how your team can benefit. The Software Licence Analysis service helps your team gain deeper insight into third-party libraries and their licences, select and implement a licence for your software and ensure compliance with GÉANT’s Intellectual Property Rights (IPR) Policy and licensing rules.

This service can be used after Software Composition Analysis (SCA) or in combination with other software reviews.

To apply for this service, you will need:

Your project listed in the GÉANT Software Catalogue – to help us identify and track your service.

📁 A code repository (e.g. GitLab or GitHub) – to access and review your codebase.

🔍 A completed SCA – providing a baseline for licence review.

💡 Basic understanding of your project’s structure and libraries – enabling effective collaboration.

📜 Familiarity with the licences used – not legal expertise, just awareness of what is included and its general implications.

💡 Awareness of who owns or manages the IPR – for both your code and any third-party contributions.

The Software Licence Analysis service supports your team throughout the licence compliance process. We help ensure that your project’s licensing aligns with legal obligations and GÉANT’s IPR Policy. The service includes:

🔧 Software Licence Settings Alignment: We verify the SCA tool is configured to accept licence types compatible with your selected or tentative software licence.

🔍 Detailed Licence Analysis: We review the licences identified in your codebase and clarify their implications highlighting any legal or compatibility issues.

✏️ Licence Information Refinement: We investigate vague or ambiguous licence entries returned by the SCA tool.

🔗 Dependency Licence Review: We examine your project’s chosen or intended licence in relation to the licences of its dependencies to detect any conflicts.

✅ Compliance Check: Once a licence is selected, we verify that:

  • The licence meets legal requirements, is compatible with all dependencies and aligns with GÉANT’s IPR Policy.

  • Project artefacts correctly reflect the licence, copyright, dependencies and necessary attributions.

Our goal is to ensure your software is legally sound and licence-compliant, reducing legal and technical risks.

To get started, email us at sw-licences@software.geant.org, post in #sw-licences on the GÉANT Project Slack or submit a Software Review Request via the Help Desk.

Benefits of the service include:

🔹Policy Alignment: Ensures your project’s licence complies with GÉANT’s licensing policy.

🔹Clear Interpretation of Licensing Results: We help you understand complex or unclear licensing data from reports.

🔹Refinement of Licence Information: We verify and improve the accuracy of licence information from the SCA tool.

🔹Thorough Dependency Analysis: Provides insight into licence interactions between your code and external libraries ensuring compatibility.

🔹Improved Compliance: Helps you meet all licence obligations for your code and its dependencies.

This service is ideal for teams aiming to maintain control over their software licensing. It is especially useful if you:

🔍 Need to validate your licence and compatibility with third-party licences.

📜 Are refining your licensing approach and need confidence in licence choices and the handling of external contributions.

🔧 Are updating your codebase and want to avoid future compliance issues.

🗂️ Need to create, improve or validate project artefacts such as README, LICENSE, COPYRIGHT, AUTHORS, NOTICE and CHANGELOG.

  • Why do we need a prior Software Composition Analysis (SCA)?
    A completed SCA is required to provide the foundation for this analysis.
  • Can this service help with complex licensing issues?
    Yes, we help identify and resolve conflicts and ensure overall licence and IPR compliance.
  • Is this service only for large projects?
    No, it is suitable for projects of any size.
  • How long does it take?
    We aim to deliver timely results but the timeline depends on project complexity, number of dependencies and your engagement with remediation.
  • Can it be combined with other services?
    Yes, it can be used independently or in combination with other software review services.