How to Manage Your Open Source Licenses in 2022

Organizations are absorbing a huge amount of open source component software. These components come with unique requirements that are becoming unwieldy to resolve. Companies invite trouble both by allowing licenses they should not and by not fulfilling the requirements of those licenses. You need automation to help manage this situation and avoid litigation.

Why do I need license management?

The use of third-party software to power development is nothing new. But the wide use of openly developed software as commonly used components in software has only been normalized in the last ten years. Today, developers around the world use open source tools because they make life easier and accelerate the pace of innovation. What’s not often understood is how successful this has been.

The numbers are surprising – our 2021 data suggests open source package or component downloads totaling 2.2 trillion from third-party software ecosystems.  That may seem like the peak of a trend, but this is not a unique year.  In fact, this pace has only increased over time and shows no signs of slowing down.  We’re seeing substantial growth over the previous year in the top four development languages:

Growth in component downloads by language

Each one of these downloads represents a software development team reaching out to their servers for an open source software component.

This movement has caught many in the open source community and many organizations off guard. In particular, every one of those 2.2 trillion software components comes with some kind of legal agreement. Developers who merely publish their source code don’t make it open – “the only way to actually make your code open source and freely available is to attach a license to it” (Ars Technica).

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Luke Mcbride. Read the original post at: https://blog.sonatype.com/how-to-manage-your-open-source-licenses-in-2022