SearchSECO License Conflicts Data

Building software relies on utilizing existing code and libraries, many of which are open source and come with anobligation to comply with its license. Non-compliance is considered unethical and opens up the possibility of a legalbattle. Current tools to find violations extract license information from text assuming that the licenses are declaredfor borrowed code. This only works half the time as found by previous studies. Code level license extractionand violation checking is a definite way of determining license compliance for borrowed code, regardless ofdeclaration. We demonstrate this using SearchSECO. We analyzed 3,500 repositories from top software companiesto analyze the extent of violations and found around 32,000 violations in total. We then dissect these metrics tounderstand why these violations are occurring and how they can be mitigated.