Lawyers vs. Developers: The Fight Over FOSS in the Enterprise
Enterprises have learned that open source is the way to build great, mature software. Leveraging open source tools and packages lets the enterprise get to market faster with stronger applications, so using open source is a no-brainer for developers. The lawyers, on the other hand, do not see it the same way.
The speaker had the privilege of working with the open source approval and review process at a large security firm. In this UpSCaLE talk, he will share lessons learned from that process and some best practices developers can follow to keep the enterprise lawyers as happy as the developers are.
Every organization that uses open source software, even in unmodified form, keeps a list of FOSS licenses that are acceptable and a list of those that are not. It also has strict requirements on how the software must be handled and how it may be incorporated into the distribution of the company's products. In this UpSCaLE talk, we go through some of the lessons learned and the pitfalls found in some open source packages, such as:
1. Not including a copyright notice in the project code or on its homepage
2. Asking the user to alter the code in order to change the license, for example from GPL to MIT
3. Using dependencies that may be outdated or have CVEs filed against them
4. Not providing enough information to build the code from scratch
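The review process described above boils down to checking each dependency against the organization's license policy and against known-vulnerable versions. The script below is an added example, not code from the talk or the speaker's firm: the license allow/deny lists, the "fixed in" version table and the dependency inventory are all constructed here so that it runs offline, and the package names are hypothetical. It flags the first three pitfalls in the list (missing copyright notice, unacceptable or undeclared license, outdated version) and separates hard blocks from items that merely need legal review.

```python
"""Policy audit over a dependency inventory (constructed example data)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Constructed policy lists standing in for a company's legal allow/deny lists
# (SPDX identifiers). Real organizations maintain their own.
ALLOWED_LICENSES: Set[str] = {"MIT", "BSD-2-Clause", "BSD-3-Clause", "Apache-2.0", "ISC"}
DENIED_LICENSES: Set[str] = {"AGPL-3.0-only", "AGPL-3.0-or-later", "SSPL-1.0"}

# Constructed advisory table: package -> lowest version believed not to be
# affected by a published issue. These thresholds are made up for the example.
FIXED_IN: Dict[str, str] = {
    "example-json": "2.4.1",
    "example-http": "1.13.0",
}


@dataclass(frozen=True)
class Dependency:
    name: str
    version: str
    spdx: Optional[str]      # declared license, or None when the project states none
    copyright_notice: bool   # whether a copyright notice exists in code or on the homepage


@dataclass(frozen=True)
class Finding:
    package: str
    severity: str   # "block": cannot ship; "review": legal must look at it
    reason: str


def parse_version(v: str) -> Tuple[int, ...]:
    """Numeric dotted versions only (e.g. "1.13.0"); non-numeric parts sort low."""
    parts = []
    for piece in v.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else -1)
    return tuple(parts)


def version_less(a: str, b: str) -> bool:
    """True if a < b, padding with zeros so "2.4" equals "2.4.0"."""
    pa, pb = parse_version(a), parse_version(b)
    n = max(len(pa), len(pb))
    pa += (0,) * (n - len(pa))
    pb += (0,) * (n - len(pb))
    return pa < pb


def audit(inventory: List[Dependency],
          allowed: Set[str] = ALLOWED_LICENSES,
          denied: Set[str] = DENIED_LICENSES,
          fixed_in: Dict[str, str] = FIXED_IN) -> List[Finding]:
    """Return every policy finding for the inventory; an empty list means approved."""
    findings: List[Finding] = []
    for dep in inventory:
        if dep.spdx is None:
            findings.append(Finding(dep.name, "block", "no license declared; cannot be approved"))
        elif dep.spdx in denied:
            findings.append(Finding(dep.name, "block", f"license {dep.spdx} is on the deny list"))
        elif dep.spdx not in allowed:
            findings.append(Finding(dep.name, "review", f"license {dep.spdx} is not pre-approved"))
        if not dep.copyright_notice:
            findings.append(Finding(dep.name, "review", "no copyright notice in code or on homepage"))
        threshold = fixed_in.get(dep.name)
        if threshold is not None and version_less(dep.version, threshold):
            findings.append(Finding(dep.name, "block",
                                    f"version {dep.version} predates fixed release {threshold}"))
    return findings


# Constructed inventory exercising each branch of the policy.
INVENTORY = [
    Dependency("example-json", "2.3.9", "MIT", True),          # outdated, known issue
    Dependency("example-http", "1.13.2", "Apache-2.0", True),  # clean
    Dependency("example-db", "5.0.0", "AGPL-3.0-only", True),  # denied license
    Dependency("example-util", "0.9.1", "MPL-2.0", False),     # needs review, no notice
    Dependency("example-tiny", "1.0.0", None, True),           # no license at all
]

if __name__ == "__main__":
    for f in audit(INVENTORY):
        print(f"{f.severity:6} {f.package:14} {f.reason}")
```

Anything not on the allow list is routed to review rather than blocked outright, which mirrors how such processes work in practice: the lawyers decide on unfamiliar licenses, while an undeclared license or a version behind a published fix is something developers can stop on their own before the package ever reaches legal.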