Open source can immediately prompt the words ‘law suit’ in some peoples’ minds, but Black Duck have introduced a software platform that helps developers catch and resolve potential intellectual property disputes.
A large software project may involve code and components from many sources – increasingly parts of a project may have open source origins. It’s highly likely that there will be some software on the computer that you’re using to read this now that will depend on open source components – and indeed the core of the internet depends on open source applications such as Apache.
Recently, some high profile conflicts between source code owners and developers has led to some very expensive and high profile legal challenges. The number of licenses, projects and obligations that a company needs to be aware of when looking to make a product that may involve open source code is immense – and checking and analysing what needs to be done, or what may happen if there is a conflict, is expensive and time-consuming.
Black Duck’s protexIP suite informs developers of code origins, license obligations and potential violations by producing a check list of items for them to resolve. Users can even run ‘whatif’ queries on code combinations.
The product is based around Black Duck’s 50gb knowledge base with information on more than 225 licenses. The company also uses spiders to monitor some 250 key open source projects to keep protexIP up to date.
“As open source and third party components proliferate and become nested in increasingly complex applications, the challenge of assuring compliance with licensing obligations becomes overwhelming without a comprehensive compliance platform,” said Karen Copenhaver, executive vice president and general counsel of Black Duck. “protexIP/license management empowers the lawyer’s oversight of the development process, from helping define and implement open source policy to approval of software release.”
Annual subscription packages start at US$9,500 (€7,595) for up to 2 seats. protexIP/license management customers must also subscribe to a protexIP/development package, which start at $12,500 (€9,993) for up to 5 seats.