A couple of months ago, we commented on the Dr. Dobbs article What Developers Think, written by Jeffrey Hammond, Research Analyst for Forrester Research, which concluded that developers often use open source without their manager’s approval.
Our March developer poll generated some interesting results showing that developers, managers and architects are all concerned with the proper licensing of open source for externally distributed applications.
Over 47% of respondents reported they were developers, followed by IT managers and architects at 20%. Over 50% of developers and managers reported their primary concern with open source is securing redistribution rights. This is important, as there is no doubt that compliance with open source software licensing terms is now a business necessity.
In the last year, the Software Freedom Law Center and GPLviolations.org have pursued dozens of infringement complaints. Proven infringement can result in steep damages, injunctions to stop shipment, requirements to publish proprietary code, as well as damage to a company’s reputation with customers and partners.
Businesses distributing products containing open source code are especially exposed to these risks because many license terms are triggered by distribution, and distributed software (even if it is embedded) is available for inspection by a much wider audience. Developers are often unaware of open source components, bundled packages or hidden licenses, which expose software and hardware vendors to legal risks.
For organizations distributing products that include open source components to other enterprises, the need for proper redistribution rights is paramount. Thankfully, there are solutions out there that take care of open source component licensing so you can focus on your core business and avoid legal and operational risks.
With that in mind, watch for an upcoming webinar on valuable lessons for safeguarding against the risks of improper open source licensing. If you have any immediate questions on this topic and if you’re working on an externally distributed application, please do not hesitate to contact us.