Industry standard for Open Source Disclosure
Over the past decade I have observed how the sentiment around Open Source Disclosure has changed from "why should I tell anyone what open source I use?" to "how should I do it?" and even "how do I do it better than my competitors?"
During my recent vacation (before the world collapsed into pandemic paralysis) I rented a car. In the small compartment in the driver's door I found a tiny CD labelled "License Information Free and Open Source software."
This little booklet was not forgotten by a previous absent-minded driver; it was supplied by the manufacturer alongside the car and all of its documentation. The reason vehicles now come with such tiny CDs is the varying amount of Open Source Software used in cars.
It is not uncommon for a car to carry multiple versions of the Linux kernel. Every piece of Open Source Software, including the most common and widely used (such as the Linux kernel), comes with a long list of Open Source Licenses, which in turn impose an even longer list of legal obligations. Sometimes those obligations conflict with one another; other times they are rather obscure (e.g. special exceptions, library-only clauses, etc.). Sometimes compliance is simple, for example when the license only requires you to mention the author or preserve the copyright notice (so-called attribution). With other licenses, the obligations derived from them can be rather restrictive and demanding, requiring your company to share your entire proprietary code with the community, e.g. by uploading it to a public code repository.
If you are a software developer, you should ask your boss whether you provide such disclosures; if you are a software manager, you should ask yourself how you manage Open Source today and what Open Source policy your company has.
And of course, if you have questions, you are more than welcome to give us a call, and we will do our best to answer your questions about best practices in Open Source Analysis.