
Open Source and Software Allergies


One of the reasons they put ingredient labels on food is so you can make sure you won't eat something that might kill you.

Why don't we do the same thing with software?

Okay, maybe it won't kill you, but it could make you sick to find out that the software you installed contains an ingredient (sub-component) with critical security vulnerabilities or licensing terms you can't stomach.

With open source, you're able to discover all the ingredients, but it can take some work.  For example, many popular packages contain dozens of other open source components inside, often using a number of different licenses.  The top-level project frequently won't declare all the details of the dependent projects, some of which might violate your own legal or technical policies.

And what about your own code?  Do you know every open source package you use?  What about code coming in from developers in other groups?  Off-shore partners?  Have any of them copied and pasted code from the open source community into code they give you?

Make sure you're able to put the right label on your code, too.  You don't want to serve up anything to your end users and customers that might cause an allergic reaction.

This work is licensed under a Creative Commons Attribution 3.0 Unported License

