As open source usage becomes mainstream, it’s important to ensure you’re using a product your company can rely on in the future and that the use complies with open source licensing.
Open source support provider OpenLogic reports over 330,000 open source software packages for enterprises to choose from. Finding the right open source project, with the right license and the assurance of a viable future for the project can be difficult for enterprises to say the least.
Finding the right open source product:
OpenLogic mines through these 330,000 packages to certify and provide direct support subscriptions for over 500 of these open source packages. OpenLogic uses a 42 point certification process to reduce the risk associated with a given open source package. By narrowing down the field from 330,000 to approximately 500, OpenLogic helps enterprises focus their open source selections to projects with, amongst other things, a viable community, well understood licensing, documentation and active maintenance by the project leader.
New to the open source project evaluation arena is SOS Open Source, an automated methodology from open source strategist Roberto Galoppini. The tool enables companies to determine the level of risk associated with using any given open source software. SOS Open Source uses 24 metrics and information collected from open source project directories, forges and meta-forges. Galoppini explains that SOS Open Source is keenly focused on the project strength, measured by the stability and maturity of the project and whether the project is backed by a predictably viable community. Related to the quality of community, Galoppini’s methodology also measures the level of community or vendor support available. Finally, the methodology attempts to rate the possibility of project evolution, whether by the current project committers or third parties. Funambol, an open source provider of cloud synchronization and push email, was recently rated highly using Galoppini’s SOS Open Source evaluation.
Ensuring compliance with open source licensing:
But what if your developers are already using open source without of your knowledge? Well, there’s an app for that. Amongst others, Black Duck Software, OpenLogic and Protecode offer services that can crawl through your enterprise and report back the use of open source software. In fact, these vendors can even crawl through the source code in your internally developed applications to ensure that open source libraries or code fragments are not being used in contravention of their associated licenses.
If your company hasn’t already set an open source usage policy, there’s no better time than the present to start down that path.
Follow me on twitter at: SavioRodrigues
PS: I should state: “The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies or opinions.”