Software // Operating Systems
01:46 PM
Connect Directly

Linux Foundation Launches License Compliance Program

The non-profit foundation is trying to remove barriers to open source code adoption by easing compliance issues including providing code scanning tools that identify if open source code is linked to commercial code.

Image Gallery: Yahoo!'s Hadoop Implementation
(click for larger image and for full photo gallery)
In a bid to eliminate a barrier to open source code adoption, the Linux Foundation is launching the Open Compliance Program to guide users on how to stay within the GPL and other open source code license limits. Open source licenses have gained a new, court-backed legitimacy, and Eben Moglen's Software Freedom Law Center has taken several well publicized enforcement actions against General Public License violators. The GPL governs use of Linux and other open source code. The Apache license and Berkeley BSD license are also frequently used.

Part of the resolution of the Software Freedom lawsuits has been to impose a compliance process on the future use of open source code at the target company. Jim Zemlin, executive director of the Linux Foundation, said the foundation is trying to make compliance as simple and easy as possible for companies that want to expand their use of open source.

"As open source has proliferated up and down the product supply chain, so has the complexity of managing open source compliance," he said in an interview in advance of LinuxCon, which began today in Boston.

With Linux spreading into mobile and embedded devices, manufacturers have confronted increasingly complex combinations of open source code and commercial code and need guidance on what rules govern the operation of the two. Linux often underlies telecommunications companies' operations. It's often bundled with other open source code to finds its way into the operation of product as an embedded system.

Facing such complexity, his foundation is trying to show "how we can create a vaccination for the software industry" against compliance issues, said Zemlin.

The foundation has released a set of code scanning tools, including a Dependency Checker, which can identify what code is linked to what. If open source code is linked to commercial code, that affects how it can be used, and the tool offers a license policy framework that would allow a code manager to define what licenses he needed.

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of August 21, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.