451 CAOS Theory 
A blog for the enterprise open source community
Know your code, know open source
Jay Lyman, February 4, 2008 @ 1:01 pm ETIt used to be there were only a couple of players in town who combed through software code, specifically looking for open source packages and licenses: Black Duck and Palamida. A year ago, we figured there was plenty of room for additional players, but we had no idea how many companies would end up coming to the open source code scanning table.
Some code search and development tools, such as Google Code Search, Koders and Krugle, were among the first to begin crossing over to code scanning. Still others in this category include: Codase, Codefetch and O’Reilly’s Code Search.
We’ve also seen open source stack providers and supporters, such as OpenLogic and SourceLabs, widen to include code scanning, accounting and governance in their work with open source software.
There has also been more code comprehension coming from open source community sites, such as Ohloh and the Enterprise Open Source Directory from Optaros.
Now, we see Hewlett-Packard with others, amid some controversy, putting its own internal open source scanning technology and expertise to work for itself and the community with FOSSology.
One thing we thought was missing from the previous few players was a company that scanned code in some fashion using software thate was itself open source. It seems the options are not only growing, but are also opening up. Code searchers, such as Krugle, have open source versions. Ohloh has opened the code behind its open source community site. Now, despite whipping up a little dust, comes a collaborative, open effort from HP with the FOSSBazaar governance community and FOSSology, which is licensed under the GPL.
It’s likely all of this open code scanning is going to raise awareness and understanding of open source software. In fact, based on discussions with players like Black Duck, Palamida, OpenLogic and others, there are many organizations out there professing not to use or condone open source software. In reality, these enterprise organizations are like most others in their significant reliance on open code. Seems it’s getting harder for them to ignore the open source wake-up call.
Comments (2) Categories: Software
We agree that open source software in the enterprise is here to stay, and welcome FOSSology adding its voice to what Krugle and others have been saying for some time. As its growth continues we will face an inevitable question: licensing aside, at what point does FOSS become practically indistinguishable from in-house, proprietary software?
In other words, is there any difference between integrating with FOSS versus integrating with a module writeen by another team, or another vendor? We’re already hearing from our customers that it boils down to the same problem: how can developers get up to speed on code that they didn’t write themselves?
Naturally, we think the answer is search because it drives discovery and adoption of FOSS in the first place (within the bounds of a company’s open source governance rules), and then makes its use more efficient. After all, if you can’t find code, you can’t fix it; you can’t reuse it; and you can’t learn from it.
[...] The 451 Group added to the discussion by mapping the players in this market and stressing that it’s a matter of understanding (or orientation), not removal. This space is also getting rather crowded on the face of it. It used to be there were only a couple of players in town who combed through software code, specifically looking for open source packages and licenses: Black Duck and Palamida. A year ago, we figured there was plenty of room for additional players… [...]