Quality and Market Readiness Assessment at OW2


OW2 is dedicated to improve the quality and the market readiness of the OW2 code base. Having good quality code and a good reputation for code is essential for the success and growth of OW2. It is also essential for the growth of the downloads and the dissemination of the OW2 code. These efforts target primarily the mature projects.

OSCAR – Open-source Software Capability Assessment Radar – is the platform supporting and enabling OW2's quality and market readiness program. It started as SQuAT – Software Quality Assurance and Trustworthiness. OSCAR’s structure is aligned with what we call the OW2 Process comprised of four sections, Technology, Governance, Quality and Delivery, each of which is instrumented by one or several tools as illustrated by the figure below. 

1802-New-OSCAR-Graph.png

OSCAR sections and tools

OW2 endeavors to integrate tools to help projects produce reports on the quality of the code, and on the quality of the IP. OW2 has incorporated into its governance process a requirement that, for a project to be moved from incubation to mature, the project must produce a report on the quality of its code and on its IP compliance. The final decision is left to the Technology Council; however, OW2 is not a certification office.

Quality assessment tools

Open-source Maturity Model

The Open-source Maturity Model (OMM) is a maturity model and assessment methodology from the QualiPSo project. The OW2 OMM assessment template to be filled in by OW2 projects is available at OMM and is under constant evolution under the leadership of the OW2 Technology Council.

SonarQube - Static code analysis

SonarQube is a static analysis solution covering a wide variety of languages including Java, Python, Erlang, C++. It implements the SQALE methodology to evaluate the technical debt of a project. Browse the OW2 SonarQube instance

ScanCode Toolkit

ScanCode detects licenses, copyrights, package manifests & dependencies and more by scanning code ... to discover and inventory open source and third-party packages used in your code. ScanCode is a new tool recently deployed in replacement for FOSSology. As a consequence do not be surprised to see FOSSology reports still published on project dashboards. FOSSology is an open-source license compliance software system and toolkit. It allows you to run license, copyright, and export control scans from the command line or from a Web user interface. FOSSology implements the SPDX standard – Software Package Data Exchange. The results of FOSSology applied to the OW2 projects are available from the projects dashboards. Browse the OW2 Fossology instance

Risk models

OW2 has defined a set of risk models used to compute the projects' market readiness.  Each model consists of normalization intervals, a license risk function, a quality risk function and an activeness risk function. These models were created in the frame of the RISCOSS EU project. Click here to browse these models.