Dirk Riehle's Industry and Research Publications

Category: 2. Building Products

  • The GNU Public License v2 in the land of microservices

    The GNU Public License v2 in the land of microservices

    Another question I get asked is how containers and new architectural styles like microservices-based architectures relate to copyleft licenses, in particular the GPLv2 license. First things first: I don’t recommend taking a “let’s work around this pesky license” approach. You should follow both a license’s spirit and letter; license evasion (“Umgehungsversuch”) may not hold up…

  • How to read open source license obligations

    How to read open source license obligations

    Interpreting open source licenses requires considerable skills and experience. Ideally, engineers and lawyers work together: Lawyers know the meaning and consequences of legal terms, and engineers can make sense of it in the context of software. There are some basics, however, that help set your thinking straight. A critical aspect is: What is a (re-)distribution…

  • Open source license compliance and work-for-hire

    Open source license compliance and work-for-hire

    A common question that I am asked in my seminar on license-compliant delivery of products that contain open source software is: But what about a work-for-hire? We are a consulting company: As we work for our clients, and use open source software, do we have to create all those legal notices? The answer, as so…

  • Managing your open source supply chain—Why and how? (Nikolay Harutyunyan, IEEE Computer)

    Managing your open source supply chain—Why and how? (Nikolay Harutyunyan, IEEE Computer)

    I’m happy to report that the eigth article in the open source column of IEEE Computer has been published. Title Managing Your Open Source Supply Chain—Why and How? Keywords Open Source, Software Supply Chain Authors Nikolay Harutyunyan, Friedrich-Alexander-University Erlangen-Nürnberg Publication Computer vol. 53, no. 6 (June 2020), pp. 77-81 Abstract: More than 90% of software…

  • Is inner source collaboration like shipping boxes between companies? (Hint: No!!)

    Is inner source collaboration like shipping boxes between companies? (Hint: No!!)

    Most corporate compliance departments believe developer collaboration in inner source projects is like shipping boxes with stuff (products) between the involved parties, for example, companies in a holding. Therefore, they don’t have to change anything about tax accounting and transfer pricing. They couldn’t be more wrong. At the highest superficial level, it appears they may…

  • Inner source and work-from-home

    Inner source and work-from-home

    Inner source is the use of open source best practices inside companies to develop shared components for use in the company’s products. Inner source software doesn’t have to become open source (but might). Like open source software development, inner source software development is inherently asynchronous, distributed, and multi-timezone. Inner source is a match made in…