Embodiments of the present disclosure relate to the field of computer technologies and, in particular, to an open-source-license analyzing method and apparatus, including: receiving a file-to-be-tested and a planning condition; detecting an open-source license involved in the file-to-be-tested; matching the detected open-source license with the planning condition to determine a first conflict between the detected open-source license and the planning condition; and generating a first risk assessment report based on the first conflict. The embodiments of the present disclosure are used to analyze and evaluate the risk of using open-source licenses.