SPEAKER

Guillaume Rousseau

CEO and co-founder

September 22nd, 2011

From 11:30 to 11:50

WHERE

EUROSITE GEORGES V

Bruxelles

Under the patronage of

Institution partners

Diamond Sponsors

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsors

Organizers

Main Organizer

Co-organizers

Experiment day organizers

How to help development team manage FOSS during the whole industrial process.

Today, most software development teams use free and open source software (FOSS) components, because it increases the speed and the quality of the development.
Many open source components are the de facto standard of their category.
However, FOSS has licensing restrictions, and corporate organizations usually maintain a list of allowed and forbidden licenses.
But how do you enforce this policy? How can you make sure that ALL files in your source depot, either belong to you, or fit your licensing policy ?

A first, preventive approach is to train and increase the awareness of the development team to these licensing issues.
Depending on the size of the team, it may be costly but necessary.
However, this does not ensure that a single individual will not commit a forbidden icon or library, and jeopardize the legal status of the whole release... if not the company, since software is becoming more and more a critical asset.

Another approach is to verify what is included in the source repository, and check whether it belongs to the open-source world.
This can be done on-the-fly, whenever a new file is added into the source depot.
It can also be part of the release process, as a verification step before publishing the release.
In both cases, there are some tools and databases to automate the detection process.

We will present the various options regarding FOSS detection,
how this process can be integrated in the "software factory", and how the results can be displayed in a usable and efficient way.

We will also present Antepedia.com, the first freely open source detection platform,
and how we continuously populate it from the various FOSS forges and repositories: SourceForge, Google Code, Maven Central, etc.

You must be logged in to post comments!.