Via Computerworld, “Black Duck Software Inc. today unveiled a hosted, on-demand service designed to help companies that use open-source and proprietary software side by side check license compliance, intellectual property rights and development integrity”.
It sounds like the tool can analyze code down to the snippet:
The software can recognize code from thousands of open-source programs that may have been inserted into user’s source code — even small blocks of code or code that has been modified. It then identifies the license associated with the open-source code from a database of hundreds of license types and highlights potential conflicts between that license and other license restrictions or business policies. Finally, it creates a “punch list” of the issues for review by the company’s legal counsel and software engineers.
For years now I’ve been telling people in my presentations on IT M&A that absolute statements of IP ownership in M&A agreements and the like skate above the surface of what really happens in software development – code often comes from everywhere, and its originality / provenance is frequently impossible to verify. Now, perhaps, not so much.
{ 1 trackback }