[LRUG] Open Source and the Enterprise

Sleepyfox sleepyfox at gmail.com
Sat Aug 2 02:31:37 PDT 2014


Sadly yes, Black Duck is a real thing. I suspect, like a great many
processes, procedures and protocols in vogue with enterprise organisations
- it is needed far less than most managers think it is.

Fox
--
"What does the @sleepyfox say?"



On 1 August 2014 19:11, Alan Buxton <alanbuxton at gmail.com> wrote:

> Thanks all for the responses – very helpful.
>
>
>
> @sleepyfox thanks for the kind offer of your service. If you can provide
> me with your physical address I can have someone courier round the 200-page
> RFP for you to complete. Naturally our security policy prevents me sending
> by email.
>
>
>
> …. Oh no… I just looked up Black Duck and realised it is a real thing.
> Seriously?
>
>
>
> Alan
>
>
>
> *From:* Chat [mailto:chat-bounces at lists.lrug.org] *On Behalf Of *Sleepyfox
> *Sent:* 31 July 2014 03:23
> *To:* Kerry Buckley
> *Cc:* chat
> *Subject:* Re: [LRUG] Open Source and the Enterprise
>
>
>
> I'd like to add that as former Open Source professional, and a Black Duck
> certified... quackpot? That there is software that Black Duck will happily
> provide your Enterprisey company with to trace all of your source code and
> tell you what OSS is in your project and where the source came from. This
> is achieved by source code matching, so even if you stripped the comments
> and cut and pasted code from someone's github repo, it will catch it and
> attribute it correctly.
>
>
>
> This is expensive and a) worthless to most startups/SMEs and b) invaluable
> to companies like ARM that @Gavin mentioned.
>
>
>
> Fox
>
> --
>
>
>
>
>
> On 30 July 2014 19:37, Kerry Buckley <kerryjbuckley at gmail.com> wrote:
>
> On 30 July 2014 at 19:04:45, Gavin Heavyside (gavin at heavyside.co.uk)
> wrote:
>
> To most of us, me included these days, this goes beyond the scope of what
> is necessary or proportionate to protect our businesses. With larger, more
> legally minded enterprises, particularly those with enterprise and/or
> potentially litigious customers, projects with a CLA or other attribution
> agreement required for all contributions might be easier to get approval
> for.
>
> Also important for any policy to distinguish between open source use in
> products where you actually ship the software, those where it’s used to
> power services, and those that are purely internal.
>
> Kerry
>
>
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20140802/cb3ebf40/attachment.html>


More information about the Chat mailing list