 This is 101. It's very, very basic. I won't introduce you what Free Software is because it's the full freedoms. I give it for granted. I won't just to give you some basic information that may, may you already know, but it's always worth repeating and having ready because licensing is not difficult once you have the basic bricks all in the right place. Otherwise, everything falls and you make a big mess. So, I had an introductory course on licensing in this very room. It took two hours. Now I have to condense it into 15 minutes, which is a daunting experience. And bear with me, I will be slightly fast-paced, but I made a slide yesterday night. I didn't plan to have slides, but I think these are going to be quite self-explanatory. So, bear with me. So, why do we have to care about licensing, about code, about copyright? Well, anytime you have software, you touch software and this software never comes without a license, never comes without some conditions. But unfortunately, if you don't have free software condition, what happens for copyright applies? Copyright applies by default. So, you have to actively go and seek the license that applies to that piece of software. This alone is sometimes not so easy task for you. And go figure if you don't have just one small piece of software to take care, but the big free software project that takes in thousands of external packages, libraries and stuff. So, you have to think that if you don't find out the right license, hopefully free software licenses, you are just stuck with statutory provision. It means that you cannot use the software. You cannot run the software. You cannot copy the software. You cannot distribute the software. You cannot modify the software. And by all means, you cannot distribute your modified version of the software. So, you can do basically nothing. So, you have to find out. One very important concept to take in is that whenever you start a project, you don't write in the vacuum. You always, yesterday it was clearly stated, you always have to build on something else. Somebody else is produced and somebody else is a copyright holder. So, it has rights on this. So, the code comes with conditions attached. It's like a tag that you have to find out. Anytime you take in a project, taking some libraries in code, this code is called inbound. So, across my presentation, inbound means the software you take in for modifying, for integrating in your project, and the licensing conditions that are attached to it. So, inbound licensing means the licenses that are already applied to that software and which I must take for granted. Conversely, when you distribute the software, you put your software, your contribution to the outward word, you are putting software outbound. So, the outbound license is the license of your own software and your own software as well. So, this is a single most important idea that I want to convey. And inside your software contains something which is more than trivial and comes from the outside. This is a derivative. What a derivative means? It means that you can, of course, you own the copyright of the entire project, but you must have permission from the inbound copyright holders, the holders of the copyright of the inbound software. It's not that it is not yours, but if you don't comply with the conditions under which the permission is given, then you cannot distribute the software. So, conditions is another keyword I want to convey. Often people speak about obligations. Actually, free software, by and large, comes with conditions. Condition is a special tool in law, which means more or less what an if-then statement means in software writing. So, if the condition is comply with, so the if statement is true, then you receive the permission under that license to modify, distribute original or modify software. So, this is the only condition under which you are permitted. A condition can be of all nature, but in OSI, we have been discussing this in this discussion, the license in discussion list, and we think that for Qualifying as free software or an open-source software, these conditions must belong to the use of software, not to external conditions, like jam three times and operate to the maker. So, and conversely, the situation by which you are not complying with the conditions, then you don't receive. This is the only consequence of not complying. You don't receive a grant, you don't receive a license, meaning that if you do something which touches upon the rights of others, you are infringing, because you're not respecting the price, the condition that software is distributed with. So, people say, okay, but is this condition what you call copy left? Well, not necessarily. Copy left is a subset of these conditions. Copy left are those conditions, are conditions, are set of conditions, but they touch upon the outbound, they constrain you in the outbound license. So, sometimes it's something that you must do with the software, i.e., you must distribute a complete set of source code, of the modified source code, corresponding to your modification, but the most straightforward condition is that you are allowed to reuse my software, but your outbound license must be consistent or equal to the inbound software, to the inbound license. Sometimes there are conditions by which you say, or a compatible license, but if you take the GPL, the GPL, the 2v3, it forces you to use for the outbound software, the same license as the inbound, GPL in, GPL out. Of course, other licenses are not that restrictive, other licenses say, BSD in, GPL out, but you cannot do GPL in and BSD out, this is what I want to convey with inbound versus outbound. So, this is actually copy left. Copy left, depending on the outreach of these conditions, whether it's constrained to the library itself or the file, we have weak copy left. So, you are allowed to embed this in something which is considered a derivative, but the outbound license can be wider or different from the inbound. So, this is what we call weak copy left. In order to have some other license touch on the entire derivative. So, we have strong copy left when you are constraining the outbound license to the inbound license for the entire set of code which is considered derivative, which contains the software. So, what you can have, the more restrictive the license in the inbound licenses, the more likely you have clashes, conflicts, and you can have states whereby you are simply, it's simply impossible to mix and match the condition. This is why it's important to have only one or very few strong copy left condition, whereas it's tolerable to have many non copy left or at least weak copy left licenses, because it's less easy to have a clash, to have an impossible situation, to have a segmentation, fragmentation of the comments. So, I'm already late, so I have to run a little bit. When we call, when we speak about compliance, we mean exactly this, comply, respect the licensing condition of the inbound for our outbound. And I use respect, not comply, because this is just the rules, the law for being a good citizen. So, these are the rules, our legal instrument, but also social instrument. You don't avoid fist fighting in the road, because you're a good, you're comply with the law, but because you are a good citizen. At the same time, you comply, you respect the licensing, because you are a digital good citizen, you are a developer that respects the work of others and wants to be in compliance, it wants to be in respect of that. So, this was the why, and this is the how. I have only three minutes, so I had to rush very, very fast. So, of course, in order to comply, you have to find out what license you have in the inbound, and the most, sorry for this, to go and seek in the source code. But it's not always easy. It's a difficult task only to find out. So, you have different strategies. Besides have being a human being going and reading, you have at least this thing. Something has already been mentioned this morning, reuse is an SBDX or a tool for making machine readable strategies and software, so that a machine does the work instead of you. Then you have procedural steps. You organize yourself in a way to be always ready to comply from the inception to the distribution. Open chain is just an example. You have scanning strategies. You have tools that go and seeks for you with heuristics with some clever things, and this is a way to comply. So, SBDX is already being touched upon this morning is a standard for making, communicating data. It's a machine readable way to say, this software is GPL, this software is MPL, this software is under this and that. So, a machine can have an inventory of your software and the corresponding licenses. You have, this is something that can be heavily automated. And all the standards, all the, everything builds upon this kind of standard way of communicating the software condition. Reuse, also we have mentioned it this morning, is a set of tools and processes that uses SBDX, of course, for making clear statements about the software. So, you have an order way to present your software and make sure that you are presenting good quality information as to licensing. So, it's very important. This is a free software Foundation Europe initiative as well. Then you have standards. Like ISO 9000, you have the Linux Foundation as organized and my good friend, Shane Coglan, is at the helm of that. The open chain, which is a standard for making sure that your organization complies as information, culture, instrument, tools, processes, and artifacts that enable you to be, to show to yourself and to your clients, if you're in a chain of provisional software, that you are making good efforts and you can demonstrate your results in making sure that you comply. So, that with all the other tools is very important. And finally, scanning. Scanning is the last, so to speak, the last resort because it's a bulk, it's a brute force way to ensure compliance if everything else is failed. So, it's like a safety net. I advise it to have scanning, especially in the most complex project where you have thousands of packages and making it man-made way doesn't work. You can have scanning for finding cheaters, people who have copied or altered the licensing. So, I've made a mess out of the license, I'll destroy information or forge information which you receive are false. So, there are database to do that. And the other is to find by some heuristic the last information in the text. Go and seek in the source code, which are and present you with likely results. Phosology is an open-source project, which is very, very, very, very, very effective. It's complicated. So, and does need and that cannot be used alone. It must be included in a continuous development stage. So, you always make sure that your license information are accurate and in any time you build some pieces. So, I advise to have a further step in CTCI, continuous development, continuous integration, continuous compliance. And the gentleman over there, we have developed something which is still rough at the edges, which is called DEP3. DEP3, which is a wrapper to Phosology to facilitate the use of Phosology to lower the learning curve of Phosology and being able to reuse the results and possibly to share the results of your decisions that you have made in applying Phosology to other projects. Very, very late. If you need to find more information, of course, the website of the Software Foundation Europe has a lot of very instructing information. This is the legal stuff that you can find and there's a lot of information. Of course, you are free to make a question. There are helping lists and, of course, also the OSI and the Software Foundation in Boston has a lot of information for you. And of course, just a little bit of advertisement, I have published this. Unfortunately, it isn't in Italian, but this covers the basics and it's a layman way to understand free and open source software and digital liberties at large. It's not just published in prints. It's a CC Buy 4 and it's available online so you can get it for free and you're invited to have a read and if you want to buy it, the publisher will be just happy. Thank you. This presentation comes with free software which is review.js and markdown and it's under creative comments 4.0. I think share a lot. Yes, attribution share. Thank you very much.