BOSTON (01/18/2008)—Hewlett-Packard has launched the FOSSology Project, a tool for tracking and monitoring the use of free and open-source software within an IT environment.

The project stems from governance work done in-house at HP, according to the Web site set up for the project.

"We needed a tool that would quickly and accurately describe how a given open source project was licensed," a statement on the site reads. "Rather than simply collecting a project's advertised license (as given at their website or in their documentation), this tool needed to analyze all of the source code for a given project and intelligently report all of the licenses being used, based on the license declarations and tell-tale phrases that identify software licensing."

FOSSology is available under the terms of the GNU General Public License (GPL) version 2, and currently has support on most GNU/Linux platforms, according to the site.

It is not clear from the site how HP plans to make money through the initiative. A company spokeswoman declined comment and said Friday that more details will be announced next week.

Companies such as Black Duck Software are already in the FOSS-tracking business.

HP's entry brought a warm welcome from Black Duck CEO Doug Levin. Levin may feel HP's involvement will help the market expand overall. "We can now officially welcome HP to our market," Levin wrote on his blog. "FOSSology is a nice tool for developers. It will result in software developers being better informed about their use of GPL. That makes it a very worthy tool."

Right now, the FOSSology project has modules for license analysis, MIME type identification and for extracting metadata, according to the site.

The site said the tool already generates detailed results: "More than simply reporting, 'Package X uses license Y,' the FOSSology tool attempts to analyze every file within the package to determine its license. The license report is thus an aggregate of all of the different licenses found to be in use by a package."

FOSSology's analyses aren't foolproof, however, a statement on the site concedes: "In general, the analysis results are very good guesses, but should not be considered authoritative. (Or to say it simply: we're not lawyers. The code tries its best, but leave the legal decisions up to your own attorneys.)"

Over time, FOSSology is meant to be far more than an open-source license tracker, according to the site. Future capabilities could address bug fixes and patches, security alerts and code reuse, as well as analysis of all types of software.