KyAnalyzer: An Efficient Code Source Classifier for Operating System Packages

Open source represents an important way in which today’s software is developed. The adoption of open source software continues to accelerate because of the compelling economic and productivity benefits they provide. Therefore, it is important to mitigate potential legal exposure by scanning and analyzing the source of code. However, it is not the only benefit of this kind of work. While the complexity and the size of software composition grow, it is also critical to analyze the source of code to ensure code traceability and manageability, especially for software with tremendous scale of code, such as operating system. In this paper, we argue that it is beneficial for code audit and code quality insurance to distinguish the source of system packages and manage them separately. Then we propose an efficient method for code source classification based on package change log info extraction. And we design and implement KyAnalyzer, which support source analyzing and distinguished management of Debian/RPM packages with the proposed method. Preliminary experimental results show the correctness and efficiency of the package source classifier.