We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Picking the right open source projects

How to write an open source usage policy

Article comments

As open source usage becomes mainstream, it's important to ensure you're working with a product your company can rely on in the future and that the use complies with open source licensing. That's not as easy as it sounds: Open source support provider OpenLogic reports more than 330,000 open source software packages for enterprises to choose from. Finding the appropriate open source project, with the right licence and the assurance of a viable future for the project, can be difficult.

Selecting the correct open source product


OpenLogic certifies and provides direct support subscriptions for more than 500 of these open source packages. Its criteria include a viable community, well-understood licensing, documentation, and active maintenance by the project leader.

But others can help narrow your open source options. For example, new to the open source project evaluation arena is SOS Open Source, an automated methodology from open source strategist Roberto Galoppini. His tool enables companies to determine the level of risk associated with any given open source software. SOS Open Source uses 24 metrics and information collected from open source project directories, forges, and meta-forges.

Galoppini says that SOS Open Source is keenly focused on the project strength, measured by the stability and maturity of the project and whether the project is backed by a predictably viable community. Related to the quality of community, Galoppini's methodology also measures the level of community or vendor support available. Finally, the methodology attempts to rate the possibility of project evolution, whether by the current project management or third parties.

Ensuring compliance with open source licensing

But what if your developers are already using open source without your knowledge? Well, there's an app for that. Among others, Black Duck Software, OpenLogic, and Protecode offer services that can crawl through your enterprise and report on the use of open source software. In fact, these vendors can even crawl through the source code in your internally developed applications to ensure that open source libraries or code fragments are not being used in contravention of their associated licences.

If your company hasn't already set an open source usage policy, there's no better time than the present to start down that path.

Follow me on Twitter at SavioRodrigues. P.S.: I should state: "The postings on this site are my own and don't necessarily represent IBM's positions, strategies, or opinions."

Share:

Comments

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *