Linux Foundation Launches License Compliance Program
The non-profit foundation is trying to remove barriers to open source code adoption by easing compliance issues including providing code scanning tools that identify if open source code is linked to commercial code.
In a bid to eliminate a barrier to open source code adoption, the Linux Foundation is launching the Open Compliance Program to guide users on how to stay within the GPL and other open source code license limits.
Open source licenses have gained a new, court-backed legitimacy, and Eben Moglen's Software Freedom Law Center has taken several well publicized enforcement actions against General Public License violators. The GPL governs use of Linux and other open source code. The Apache license and Berkeley BSD license are also frequently used.
Part of the resolution of the Software Freedom lawsuits has been to impose a compliance process on the future use of open source code at the target company. Jim Zemlin, executive director of the Linux Foundation, said the foundation is trying to make compliance as simple and easy as possible for companies that want to expand their use of open source.
"As open source has proliferated up and down the product supply chain, so has the complexity of managing open source compliance," he said in an interview in advance of LinuxCon, which began today in Boston.
With Linux spreading into mobile and embedded devices, manufacturers have confronted increasingly complex combinations of open source code and commercial code and need guidance on what rules govern the operation of the two. Linux often underlies telecommunications companies' operations. It's often bundled with other open source code to finds its way into the operation of product as an embedded system.
Facing such complexity, his foundation is trying to show "how we can create a vaccination for the software industry" against compliance issues, said Zemlin.
The foundation has released a set of code scanning tools, including a Dependency Checker, which can identify what code is linked to what. If open source code is linked to commercial code, that affects how it can be used, and the tool offers a license policy framework that would allow a code manager to define what licenses he needed.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.