Open source compliance tools
What is open source compliance?
Open source components, like other software components, are integrated into a software product. Unfortunately, not all used open source components are known to the developers or managers of the software vendor.
Investors or acquirers may ask the software vendor compliance questions like which open source components are part of the software vendor´s product. With the list of open source components available, one can review the corresponding license terms for all used open source components.
Open source compliance is about knowing all open source components and making sure the usage of the open source components are in compliance with the license terms. The usage of open source depends on all business models used. For an overview of business models visit Software Business Models webpage
How to find open source contained in commercial products
There are many ways open source can become part of a commercial product. Open source components can be added by developers, open source components can be part of third party components, libraries and in addition, open source components can contain numerous other open source components, too.
Developers can also take snippets out of open source components and reuse them in commercial products. They can also copy and alter the source code of open source components. But the open source licenses still apply and compliance with these license terms has to be ensured.
Finding these components, the snippets and the altered source code is a complex high effort tasks. This creates a massive need for automated tools to find the different variations of open source usage and alert developers and management that open source components are used.
Learn more in this new book:
Title: Mergers and Acquisitions in the software industry - Foundations of due diligence
Author: Karl Michael Popp
Publisher: Books on demand
Date published: Aug 1st 2013