Skip to main content
  • Log in
  • Manage Cookies
projects.eclipse.org
Download
  • Projects
  • Working Groups
  • Members
  • Community
    • Marketplace
    • Events
    • Planet Eclipse
    • Newsletter
    • Videos
    • Blogs
  • Participate
    • Report a Bug
    • Forums
    • Mailing Lists
    • Wiki
    • IRC
    • Research
  • Eclipse IDE
    • Download
    • Learn More
    • Documentation
    • Getting Started / Support
    • How to Contribute
    • IDE and Tools
    • Newcomer Forum
  • More
      • Community

      • Marketplace
      • Events
      • Planet Eclipse
      • Newsletter
      • Videos
      • Blogs
      • Participate

      • Report a Bug
      • Forums
      • Mailing Lists
      • Wiki
      • IRC
      • Research
      • Eclipse IDE

      • Download
      • Learn More
      • Documentation
      • Getting Started / Support
      • How to Contribute
      • IDE and Tools
      • Newcomer Forum
  1. Home
  2. Projects
  3. Eclipse Technology
  4. Eclipse SW360

Eclipse SW360

Primary tabs

  • Overview(active tab)
  • Downloads
  • Who's Involved
  • Developer Resources
  • Governance
  • Contact Us

Eclipse SW360 is a software catalogue application designed to provide a central place for sharing information about software components used by an organization. It is designed to neatly integrate into existing infrastructures related to the management of software artifacts and projects by providing separate backend services for distinct tasks and a set of portlets to access these services. A complete deployment unit exists (vagrant box or docker container) that contains a complete configuration of all services and portlets.

Currently SW360 comprises the following main use case areas:

  1. Component: Handling of information and processes related to components, e.g. name, vendor
  2. License: Handling of information regarding licenses, e.g. obligations, license texts etc.
  3. Project: handling of project information providing a context for the use of components.
  4. Vulnerability: Collecting Security Vulnerability Management Information and matching them with components stored in the component service.

as well as connectors to interact with external systems such as FOSSology or commercial code scan tools, e.g. to import data or trigger source code scan jobs.

Features at a glance

  • Maintain component meta data such as involved licenses, name, project URL, involved contributors in organization, type of software,  etc
  • Attach all kinds of information including clearing reports, SPDX documents etc to components
  • Store and retrieve license data and relate licenses with standardized obligations to ease comprehensibility of licenses for project (and guide projects responsible how to implement license obligations)
  • Maintain project metadata and project BOM to put component’s use into context
  • Notification if vulnerabilities exist for components
  • Trigger clearing jobs for components in FOSSology

Vision

  • Our vision is that SW360 will be the central hub in an organization to consolidate and share all meta information available about software components to help architects and developers to quickly make informed decisions about software components.
  • Meta information of software components comprises legal information (license and copyright), software quality, project characteristics and health, security and project roles such as developers, supports and users.
  • Fully integration in state of the art build / delivery infrastructure to realize continuous delivery of high quality software with all required artefacts (BOM, licenses, copyright information, etc)
  • Build federations of SW360 instances to share selected information.
Licenses: 
Eclipse Public License 1.0
Active Member Companies: 
Member companies supporting this project over the last three months.
Contribution Activity: 
Commits on this project (last 12 months).
GitLab Repositories: 
https://gitlab.eclipse.org/eclipse/sw360/playground.git
Incubating - Eclipse SW360

Related Projects

Project Hierarchy:

  • Eclipse Technology
  • Eclipse SW360

Tags

Technology Types
  • Tools
Build Technologies
  • Maven

Eclipse Foundation

  • About Us
  • Contact Us
  • Donate
  • Members
  • Governance
  • Code of Conduct
  • Logo and Artwork
  • Board of Directors

Legal

  • Privacy Policy
  • Terms of Use
  • Copyright Agent
  • Eclipse Public License
  • Legal Resources

Useful Links

  • Report a Bug
  • Documentation
  • How to Contribute
  • Mailing Lists
  • Forums
  • Marketplace

Other

  • IDE and Tools
  • Projects
  • Working Groups
  • Research@Eclipse
  • Report a Vulnerability
  • Service Status

Copyright © Eclipse Foundation. All Rights Reserved.

Back to the top