If you are a web application developer and have never heard of HtmlUnit , it is time to give it a look.
It is a simple API that allows you to write a Java program that can simulate a user traveling through a website. It doesn’t just read the URL into an input stream; it can parse the HTML and allows you to simulate clicking on buttons, clicking on links, firing JavaScript functions, and more.
Read More »Whether or not you choose to spread your application stack across server instances, I highly recommend you put no more than one application per cloud server unless you have special circumstances in play. For example, if you value performance far more than scalability, you might want to collocate applications that communicate frequently to avoid network overhead. In most cases, you’ll be better off splitting them up.
Read More »Open source application audits using source code scanning tools are a critical part of a corporate open source software policy management and governance process; there literally is no way around it these days. Without the use of a scanning tool, organizations may rely on homegrown tools, manual inspection and inventory of source code repositories, and developer interviews to implement the governance process. In our experience, even with full disclosure of open source usage from very honest and open development teams, things slip through the cracks. And, lets face it, manual inspection of source code is painfully slow. Homegrown tools might be a realistic approach for larger companies, but they require the allocation of internal resources, not only to use the tools but also to also maintain and update them regularly.
Most open source auditing engagements are completed in the context of scanning a code base of a product line to confirm that a company has appropriately separated their intellectual property from the third party components. When third party components are used and distributed all licenses for these components need to be identified and there needs to be confirmation that appropriate license compliance steps have been taken. OpenLogic’s Application Audit and Certification of Compliance services are one solution to consider when outsourcing to a team of experts as these are a full report of all materials, licenses, and a re-verification of compliance steps being completed.
Read More »What an exciting time it is for the open source software community!
Cloud technology is evolving faster than we can read about it. Marketplaces are now part of our common vernacular. The ever changing world that we live in, and these advancements in technology, are providing the open source software community with infinite opportunities to showcase creativity to the world.
I have highlighted 3 of the more recognizable, and recently launched marketplaces, that speak to this opportunistic time for open source software contributors and users.
Read More »The Software Package Data Exchange (SPDX) standard is getting some love lately and this is good news for open source license compliance. Which is, in turn, good for open source in general. If you are involved in software license compliance activities you need to include SPDX in your plans for the future. It will allow you to manage the risks of software licensing in a more efficient and predictable way than ever before.
SPDX defines a standard way to represent the contents and licensing of software packages. This standard representation provides a shared vocabulary for tools involved in managing license compliance. The SPDX standard is being developed under the auspices of The Linux Foundation as a way to ease complying with the licenses of open source software. The model provided by SPDX is fully compatible with proprietary software licensing also. This means that SPDX provides a uniform way to represent the licensing of any software package. Being able to treat both open source and commercial software the same way allows license compliance processes and tools to be simplified and streamlined.
Read More »BROOMFIELD, Colo. April 20th 2012—OpenLogic, Inc., provider of enterprise open source solutions for the data center and the cloud, today announced that its open platform as a service, CloudSwing, is now available on AWS Marketplace. OpenLogic CloudSwing is a Platform as a Service (PaaS) that provides complete choice around infrastructure, components and programming languages. In addition, CloudSwing provides easy configuration, cost tracking, application monitoring and enhanced enterprise grade security for public or private clouds.
Read More »Pin It Open Source Management: Dealing with New OSS Releases The first quarter of this year has be a busy time in open source management. JBoss has had two releases in the 7.1 series, the Apache web server has had two releases in the 2.4 series and Ruby on Rails has had two releases in [...]
Read More »In a recent blog article Using Categorization to Simplify Open Source License Compliance I talked about simplifying open source compliance through license “categorization” where I listed the common categories used in many open source licenses. In this article I’m going to talk about creating an open source compliance checklist based on those categorizations.
In OpenLogic Exchange (OLEX) Enterprise Edition we have analyzed several hundred open source licenses and created a list of high-level obligations for each license. For example, in OLEX the Apache License 2.0 list of obligations looks like this:
• Distribute copy of license
• Give notice of or fulfill other requirements related to modified files
• Obligation to include notice text or files
• Obligation to include copyright or trademark notice
• Obligation to indemnify contributors
• Obligation to apply license to original or derivative works
• Restrictions regarding use of trademark
• Termination of patent license upon filing of patent litigation
Open Source Software Management: A Review of Wazi Articles
The 5 most recent articles published on http://olex.openlogic.com/wazi/
LinkedIn contains a massive amount of valuable information about potential new hires that you can use to your company’s benefit. It provides you a single website you can use to view a person’s past work history, recommendations from other LinkedIn users, education background, etc.
But by itself, LinkedIn is just another website where you have to login to get what you need. And you might be thinking that sure, the data is useful, but how do I get that data into my own internal system so that our internal applications / databases can utilize that information?
LinkedIn provides what is called an “Application Programming Interface” which is a fancy way of saying that you can use web services to access LinkedIn functions.
In order to use the LinkedIn API, first you must register at the LinkedIn developer website.
Once you are registered, you are provided a secret API key that you will use. This key validates that you are you, and not someone else on the system.
Read More »
