Category: 2.3 Open Source (Building)
-
Open source license compliance in software supply chains [Book Chapter]
Abstract: Almost all software products today include open-source components. However, the obligations that open-source licenses put on their users can be difficult or undesirable to comply with. As a consequence, software vendors and related companies need to govern the process by which open-source components are included in their products. A key process of such open-source…
-
Getting started with FLOSS governance and compliance in companies [OpenSym 2019]
Abstract: Commercial use of open source software is on the rise as more companies realize the benefits of using FLOSS components in their products. At the same time, the ungoverned use of such components can result in legal, financial, intellectual property, and other risks. To mitigate these risks, companies must govern their use of open source…
-
Open Source and Inner Source at IAV (in English)
The house magazine of IAV Automotive Engineering GmbH, a major supplier to the German automotive industry, which had interviewed Markus Blonn and me about open source and inner source at IAV, translated the magazine article into English, woohoo!
-
Open source and inner source at IAV (in German)
The house magazine of IAV Automotive Engineering GmbH, a major supplier to the German automotive industry, interviewed Markus Blonn and me about open source and inner source at IAV (in German). We had a good time as you can see 😉
-
Upcoming talk on industry best practices for corporate open source governance of software supply chains at UC Santa Cruz
Abstract: Almost all software products today incorporate open source software either directly or through software supply chains, but many companies are not properly governing their use of open source, incurring potential risks. Since 2016, I have been researching industry best practices and processes around open source governance, focusing on software supply chains. I have interviewed…
-
Why you should not let developers scan their code for open source violations 4/4
As discussed in prior posts [1] [2] [3], companies need to take stock of the open source software code in their products. Otherwise, they will not be able to correctly comply with the licenses of the open source code they use. Taking stock means scanning and analyzing your product code, and who else to turn…