1e41f4b71Sopenharmony_ci# OpenHarmony Open-Source Compliance Policy
2e41f4b71Sopenharmony_ci
3e41f4b71Sopenharmony_ci## Purpose
4e41f4b71Sopenharmony_ci
5e41f4b71Sopenharmony_ciThe policy defined in this document enables the OpenHarmony community to comply with the license terms and values of open-source software and respect third-party intellectual property rights while benefiting from the use of these open-source software. This document provides a common framework for open-source software compliance for the OpenHarmony community, with the goal of ensuring license compliance. It also improves the open-source compliance governance capability of OpenHarmony based on the best practices in the industry, helping community members understand how to use open-source software and contribute to the community.
6e41f4b71Sopenharmony_ci
7e41f4b71Sopenharmony_ci## Scope
8e41f4b71Sopenharmony_ci
9e41f4b71Sopenharmony_ciThis document applies to all contributors to the OpenHarmony community, including the code repositories under [OpenHarmony](https://gitee.com/openharmony) and those under [OpenHarmony-SIG](https://gitee.com/openharmony-sig).
10e41f4b71Sopenharmony_ci
11e41f4b71Sopenharmony_ci## Improvements and Revisions
12e41f4b71Sopenharmony_ci
13e41f4b71Sopenharmony_ci- This document is drafted and maintained by the Compliance SIG. What you are reading now is the latest version of this document.
14e41f4b71Sopenharmony_ci- Any addition, modification, or deletion of the specifications mentioned in this document can be traced.
15e41f4b71Sopenharmony_ci- The PMC reviews and finalizes the specifications after thorough discussion in the community.
16e41f4b71Sopenharmony_ci
17e41f4b71Sopenharmony_ci
18e41f4b71Sopenharmony_ci## Terms and Abbreviations
19e41f4b71Sopenharmony_ci
20e41f4b71Sopenharmony_ci  [Open-Source Compliance Terms and Abbreviations]()
21e41f4b71Sopenharmony_ci
22e41f4b71Sopenharmony_ci## Phase-specific Compliance Policy
23e41f4b71Sopenharmony_ci
24e41f4b71Sopenharmony_ci### Introduction Phase
25e41f4b71Sopenharmony_ci
26e41f4b71Sopenharmony_ci#### License Usage and Review Specifications of Open-Source Software
27e41f4b71Sopenharmony_ci
28e41f4b71Sopenharmony_ci- [Licenses and Special License Review](licenses-and-special-license-review.md)
29e41f4b71Sopenharmony_ci
30e41f4b71Sopenharmony_ci- [OpenHarmony License Agreement](https://gitee.com/openharmony#license-agreement)
31e41f4b71Sopenharmony_ci
32e41f4b71Sopenharmony_ci#### Introduction and Exit Specifications of Open-Source Software
33e41f4b71Sopenharmony_ci
34e41f4b71Sopenharmony_ci[Introducing Open-Source Software](introducing-open-source-software.md)
35e41f4b71Sopenharmony_ci
36e41f4b71Sopenharmony_ci
37e41f4b71Sopenharmony_ci### Development Phase
38e41f4b71Sopenharmony_ci
39e41f4b71Sopenharmony_ci#### License, Copyright, and Metadata Compliance Specifications
40e41f4b71Sopenharmony_ci
41e41f4b71Sopenharmony_ci- [License and Copyright Specifications](license-and-copyright-specifications.md)
42e41f4b71Sopenharmony_ci
43e41f4b71Sopenharmony_ci- [SPDX Information Declaration Specifications]()
44e41f4b71Sopenharmony_ci
45e41f4b71Sopenharmony_ci- [Specifications for README.OpenSource](specifications-for-readme.opensource.md)
46e41f4b71Sopenharmony_ci
47e41f4b71Sopenharmony_ci#### Gated Check-In Compliance Specifications
48e41f4b71Sopenharmony_ci
49e41f4b71Sopenharmony_ci- [Gated Check-In Requirements](https://gitee.com/openharmony/community/blob/master/sig/sig_qa/%E4%BB%A3%E7%A0%81%E9%97%A8%E7%A6%81%E8%A6%81%E6%B1%82.md#codecheck%E6%A3%80%E6%9F%A5)
50e41f4b71Sopenharmony_ci
51e41f4b71Sopenharmony_ci- [OSS Audit Tool](https://gitee.com/openharmony-sig/tools_oat/blob/master/README.md)
52e41f4b71Sopenharmony_ci
53e41f4b71Sopenharmony_ci#### Specifications for Participation in Upstream Communities
54e41f4b71Sopenharmony_ci
55e41f4b71Sopenharmony_ci[Best Practices and Suggestions for Contributions to Upstream Open-Source Projects](best-practices-and-suggestions-for-contributions-to-upstream-open-source-projects.md)
56e41f4b71Sopenharmony_ci
57e41f4b71Sopenharmony_ci### Release Phase
58e41f4b71Sopenharmony_ci
59e41f4b71Sopenharmony_ci#### Open-Source Obligation Fulfillment
60e41f4b71Sopenharmony_ci
61e41f4b71Sopenharmony_ci[Management Policy for Open-Source Compliance Artifacts](management-policy-for-open-source-compliance-artifacts.md)
62e41f4b71Sopenharmony_ci
63e41f4b71Sopenharmony_ci#### Software Bill of Material (SBOM) Specifications
64e41f4b71Sopenharmony_ci
65e41f4b71Sopenharmony_ci- [SBOM Generation and Delivery Description]()
66e41f4b71Sopenharmony_ci- [SBOM Review and Problem Handling Rules]()
67e41f4b71Sopenharmony_ci
68e41f4b71Sopenharmony_ci#### Open-Source Compliance Requirements for Community Version Release and SIG Incubation Graduation
69e41f4b71Sopenharmony_ci
70e41f4b71Sopenharmony_ci- [Open-Source Compliance Requirements for SIG Incubation Graduation](https://gitee.com/openharmony/community/blob/master/sig/sig_qa/guidance_for_incubation_project_graduation.md#graduation-review-checklist)
71e41f4b71Sopenharmony_ci
72e41f4b71Sopenharmony_ci- [Open-Source Compliance Requirements for Community Version Release](https://gitee.com/openharmony/community/blob/master/sig/sig_qa/%E7%89%88%E6%9C%AC%E8%B4%A8%E9%87%8F%E8%A6%81%E6%B1%82.md)
73e41f4b71Sopenharmony_ci
74e41f4b71Sopenharmony_ci
75e41f4b71Sopenharmony_ci## Binary Compliance Specifications
76e41f4b71Sopenharmony_ci
77e41f4b71Sopenharmony_ci[Binary Compliance Specifications]()
78e41f4b71Sopenharmony_ci
79e41f4b71Sopenharmony_ci## Open-Source Compliance Issue Management Process
80e41f4b71Sopenharmony_ci
81e41f4b71Sopenharmony_ci[Open-Source Compliance Issue Management Process](open-source-compliance-issue-management.md)
82e41f4b71Sopenharmony_ci
83e41f4b71Sopenharmony_ci## Open-Source Compliance Roles and Responsibilities
84e41f4b71Sopenharmony_ci
85e41f4b71Sopenharmony_ci[Open-Source Compliance Role and Capability Requirements](https://gitee.com/openharmony/community/blob/master/sig/sig_compliance/docs/%E5%BC%80%E6%BA%90%E5%90%88%E8%A7%84%E8%A7%92%E8%89%B2%E8%81%8C%E8%B4%A3%E5%8F%8A%E8%83%BD%E5%8A%9B%E8%A6%81%E6%B1%82.md)
86e41f4b71Sopenharmony_ci
87e41f4b71Sopenharmony_ci## Open-Source Compliance Training Resources and Requirements
88e41f4b71Sopenharmony_ci
89e41f4b71Sopenharmony_ci[Open-Source Compliance Training Plan](https://gitee.com/openharmony/community/blob/master/sig/sig_compliance/docs/%E5%BC%80%E6%BA%90%E5%90%88%E8%A7%84%E5%9F%B9%E8%AE%AD%E8%AE%A1%E5%88%92.md)
90e41f4b71Sopenharmony_ci
91e41f4b71Sopenharmony_ci## Consequences of Incompliance
92e41f4b71Sopenharmony_ci
93e41f4b71Sopenharmony_ciIt is important to comply with this policy. Failure to do so may result in:
94e41f4b71Sopenharmony_ci- Claims raised by copyright holders or intellectual property holders for the code you use
95e41f4b71Sopenharmony_ci- Claims raised by the recipient of the code
96e41f4b71Sopenharmony_ci- Inadvertently releasing code that is not supposed to be released
97e41f4b71Sopenharmony_ci- Fines caused by violation of regulatory obligations
98e41f4b71Sopenharmony_ci- Loss of reputation
99e41f4b71Sopenharmony_ci- Fund loss
100e41f4b71Sopenharmony_ci- Breach of contracts
101e41f4b71Sopenharmony_ci
102e41f4b71Sopenharmony_ciAny individual who violates this policy may be subject to disciplinary actions.
103e41f4b71Sopenharmony_ci
104e41f4b71Sopenharmony_ci## Response Policies for Negative Events of Open-Source Compliance
105e41f4b71Sopenharmony_ciFor details, see the policy released by OpenHarmony GLA.
106e41f4b71Sopenharmony_ci
107e41f4b71Sopenharmony_ci## References
108e41f4b71Sopenharmony_ci
109e41f4b71Sopenharmony_ciLinux Foundation Compliance Program: Generic FOSS Policy
110