As we all know, open source technology has become an important choice for enterprises to build information systems. Open source software has basically covered important basic software fields. It is widely used in industries such as finance, telecommunications, and industrial Internet. However, my country is also facing complex open source intellectual property issues and prominent open source risks. A series of problems such as incomplete open source ecological information.
The open source governance platform of China Academy of Information and Communications Technology can help companies detect open source licenses, open source vulnerabilities and other risks, reduce violations caused by the use of open source, and at the same time provide companies with open source project selection references through continuous monitoring of the community activity of open source projects. A comprehensive open source governance platform has been formed.
The platform mainly implements two major functions: open source risk detection function and open source ecological monitoring function.
Open source risk detection
Open source risk detection is provided by Qi'anxin and Prism Colorful.
main function:
open source composition analysis:
The platform can analyze open source components, including component identification of open source software, component versions, component sources, etc., to help users understand the open source component information of the software.
open source license analysis:
Identify the license information used by the component, including the license name, license classification statistics, and license infectivity classification statistics, to help users sort out license risks.
open source security analysis:
Analyze the vulnerabilities of open source components, including the number of vulnerabilities, vulnerability names, vulnerability levels, etc., to help users sort out the security risks of open source software.
Open source ecological monitoring
Currently, it contains hundreds of popular projects on GitHub and Gitee, covering areas such as artificial intelligence, big data, containers, microservices, databases, and web development.
main function:
Open source basic information monitoring:
Basic information includes: hosting platform, development language, open source license, intellectual property ownership, etc.
open source license analysis:
Monitor the activity information of the open source project community, including: the number of comments, the number of pull-requests, the number of issues, etc.
open source security analysis:
According to the project data information grabbed from GitHub and Gitee daily, it is calculated through scientific data model.
At present, the platform is free for trial. Users need to register and pass account approval before they can use the platform normally. For more details about open source risk detection and open source ecological monitoring platform, please check the following link:
Open source risk detection: http://scan.opensourcecloud.cn/login/
Open source ecological monitoring: http://scan.opensourcecloud.cn/o/open-monitor_saas/
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。