This document discusses open source software licensing and how to identify license information within software packages. It explains that licensing matters due to copyright laws and open source license obligations. License information can be found in source code files, license files, readmes and externally. Tools are available to help scan software and identify licenses, but they have limitations so manual review is also needed. Common licensing issues include ambiguous or missing licenses, business model incompatibilities, and attribution obligations. Resources for further information on open source licensing are provided.
Licensing in Composite Open Source ProjectsProtecode
Navigating licenses of composite open source software packages can be a difficult undertaking. Composite projects often contain more than one open source package and each project could have its own individual license, creating potential licensing dilemmas for those who wish to incorporate the code into their own project.
This an analysis and a presentation on free and open source software made by me, This is about relevance of free and open source software and current software technologies which are free and open source to all.
Introduction to the legal aspects and pitfalls of open source and software licensing in general, with a walkthrough (and code snippets) of how to successfully apply a license to an open source project.
Licensing in Composite Open Source ProjectsProtecode
Navigating licenses of composite open source software packages can be a difficult undertaking. Composite projects often contain more than one open source package and each project could have its own individual license, creating potential licensing dilemmas for those who wish to incorporate the code into their own project.
This an analysis and a presentation on free and open source software made by me, This is about relevance of free and open source software and current software technologies which are free and open source to all.
Introduction to the legal aspects and pitfalls of open source and software licensing in general, with a walkthrough (and code snippets) of how to successfully apply a license to an open source project.
Speakers from Fermi National Accelerator Laboratory, Idaho National Laboratory, and Black Duck discuss Open Source Software (OSS) issues from industry and government perspectives. The speakers also delve into the White House open-source policy directive and the impact that releasing federally funded software will have on technology transfer.
Software audit strategies: how often is enough? Protecode
With the widespread use of open source software in proprietary software projects, organizations are looking for ways to mitigate licensing, security and quality vulnerabilities related to open source code. These organizations are increasing deploying software audits which involve scanning a software portfolio to uncover all software packages as well as their associated licensing and copyright obligations, security vulnerabilities and other code attribute information.
Managing Open Source Software Supply ChainsnexB Inc.
Heather Meeker and Michael Herzog discuss the latest trends in open source compliance for supply chain activities: the key legal issues for supply chain management as well as the latest automation tools and projects for open source management.
Agenda
• Legal issues for supply chain management
• Best practices to avoid claims and reduce risk
• Latest automation tools and projects for open source compliance management
Leveraging Open Source Opportunity in the Public Sector Without the RiskProtecode
Open source software presents a huge opportunity for public sector organisations in the UK. Adopting open source solutions allows assets to be shared and re-used; freeing organisations from massively expensive, inflexible “lock-in” solutions. To ensure that this potential is realised, it is imperative that organisations adopt a process for managing potential licensing, security and encryption content associated with open source code.
Join us as we share our tips for streamlining the open source adoption and management process and removing uncertainties around third party software vulnerabilities.
There are multiple reasons why Open Source Software OSS is a benefit for all organisations and in particular in Public Sector.
All of the organisations represented on this call will be tasked with delivering solutions for specific requirements and at great speed. Why create those solutions from generic platforms and be dependent on their long release cycles to evolve the solutions when you can develop just what is needed and then share that with other PS orgs who can modify to suit their requirements which makes for rapid development and lack of redundancy
Ultimately you will be able to control your own destiny and set your own pace for delivering exactly what is needed.
Ubucon 2013, licensing and packaging OSSNuno Brito
As developers of open source and free software, we share our code freely with the world. It feels great. The problem is when someone points out that the code can't be used for some odd reason. Either because of missing license information or because the reported licenses are incompatible.
If you're writing code then you shouldn't miss this talk. We'll be showing which licenses you should avoid mixing (for e.g Apache v2 inside GPL v2) and other tips to avoid a licensing headache. In the end we'll talk about the SPDX format introduced by the Linux Foundation and show practical examples.
This presentation introduces open source software and aims to shed light on why you should care. We’ll highlight what you can or can’t do with it (licensing), and the pros/cons for businesses and individuals.
Rightsizing Open Source Software IdentificationnexB Inc.
Webinar recording available at the end of the slide deck.
Heather Meeker, partner at O'Melveny & Myers LLP and Philippe Ombredanne, founder at nexB Inc. discussed the latest open source software identification tools available for use in your compliance process.
Agenda
- Key Elements of a Policy for use of OSS
- Overview of OSS Identification
- Survey of open source and commercial tools for OSS Identification
- Rightsizing your OSS Identification Process and Tools.
If you are interested in open source scanning and open source compliance products, please visit http://www.nexb.com/, see also https://www.youtube.com/user/DejaCode/ for other webinar recordings.
Open Source and Patent Rights: Collaboration with ConsequencesAurora Consulting
How does the use of or contribution to open-source software impact your intellectual property rights?
In this month's episode, we’re talking about software and the convoluted risk/reward interplay between patents, copyrights, and open source. Use of free open-source code can be an invaluable tool when building complex software applications. Why reinvent wheels? And depending on resources and budget, sometimes it’s the only practical way. But like with most things, free often isn’t really free. The cost is just transferred somewhere else. When it comes to open source, these short term savings can have significant long term consequences for your intellectual property rights.
⦿ Can you mix open source with commercial software and still keep your code private?
⦿ Can you patent your own software that uses open-source software? If so, could you ever actually assert those rights?
⦿ Can you patent open-source software you author and why would you?
We'll discuss answers to these questions and more. Kristen Hansen, Patent Strategist and software patent guru here at Aurora, leads a discussion along with our all star patent panel, exploring:
⦿ The fundamentals of open-source licensing and how certain viral license types can require you to publicly make available your company’s source code.
⦿ How copyrights, patents, and open-source licenses differ in terms of software protection strategies.
⦿ And whether or not – and why you might – patent open-source software and the often proprietary code that leverages it, as well as the associated patent right assertion risks that can come with doing so.
We look at concerns through the eyes of both users and authors of open source. And pragmatically as we can, highlight how it’s possible to construct a strategy where open-source innovation is encouraged without forgoing all future earning power and without blocking others from using it.
Kristen has worked both as a Software Engineer and a Software Patent Agent for the last two decades. She has worked closely with software inventors from Big Tech Valley giants looking to utilize open-source software, while still maintaining their assertable patent portfolios. We couldn’t think of a better person to lead this conversation! Kristen is also joined today by our always exceptional group of IP experts including:
⦿ Dr. Ashley Sloat, President and Director of Patent Strategy at Aurora
⦿ Dr. David Jackrel, President of Jackrel Consulting
⦿ Ty Davis, Patent Strategy Associate at Aurora
Listen to the podcast:
Learn more: https://www.aurorapatents.com/blog/open-source-and-patent-rights
Streamline Open Source Compliance with Package Pre-ApprovalProtecode
Organizations are increasingly looking for ways to improve their compliance processes. Setting up a process for approving open source code, before it even enters the development environment helps ensure compliance issues are kept to a minimum.
Managing Software Inventories & Automating Open Source Software CompliancenexB Inc.
Stephen Gillespie of Fenwick & West and Michael Herzog of nexB review the most common open source license obligations, highlight the challenges of fast paced component-based software development from a compliance angle and what you can do to better monitor this in your software inventories.
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
Speakers from Fermi National Accelerator Laboratory, Idaho National Laboratory, and Black Duck discuss Open Source Software (OSS) issues from industry and government perspectives. The speakers also delve into the White House open-source policy directive and the impact that releasing federally funded software will have on technology transfer.
Software audit strategies: how often is enough? Protecode
With the widespread use of open source software in proprietary software projects, organizations are looking for ways to mitigate licensing, security and quality vulnerabilities related to open source code. These organizations are increasing deploying software audits which involve scanning a software portfolio to uncover all software packages as well as their associated licensing and copyright obligations, security vulnerabilities and other code attribute information.
Managing Open Source Software Supply ChainsnexB Inc.
Heather Meeker and Michael Herzog discuss the latest trends in open source compliance for supply chain activities: the key legal issues for supply chain management as well as the latest automation tools and projects for open source management.
Agenda
• Legal issues for supply chain management
• Best practices to avoid claims and reduce risk
• Latest automation tools and projects for open source compliance management
Leveraging Open Source Opportunity in the Public Sector Without the RiskProtecode
Open source software presents a huge opportunity for public sector organisations in the UK. Adopting open source solutions allows assets to be shared and re-used; freeing organisations from massively expensive, inflexible “lock-in” solutions. To ensure that this potential is realised, it is imperative that organisations adopt a process for managing potential licensing, security and encryption content associated with open source code.
Join us as we share our tips for streamlining the open source adoption and management process and removing uncertainties around third party software vulnerabilities.
There are multiple reasons why Open Source Software OSS is a benefit for all organisations and in particular in Public Sector.
All of the organisations represented on this call will be tasked with delivering solutions for specific requirements and at great speed. Why create those solutions from generic platforms and be dependent on their long release cycles to evolve the solutions when you can develop just what is needed and then share that with other PS orgs who can modify to suit their requirements which makes for rapid development and lack of redundancy
Ultimately you will be able to control your own destiny and set your own pace for delivering exactly what is needed.
Ubucon 2013, licensing and packaging OSSNuno Brito
As developers of open source and free software, we share our code freely with the world. It feels great. The problem is when someone points out that the code can't be used for some odd reason. Either because of missing license information or because the reported licenses are incompatible.
If you're writing code then you shouldn't miss this talk. We'll be showing which licenses you should avoid mixing (for e.g Apache v2 inside GPL v2) and other tips to avoid a licensing headache. In the end we'll talk about the SPDX format introduced by the Linux Foundation and show practical examples.
This presentation introduces open source software and aims to shed light on why you should care. We’ll highlight what you can or can’t do with it (licensing), and the pros/cons for businesses and individuals.
Rightsizing Open Source Software IdentificationnexB Inc.
Webinar recording available at the end of the slide deck.
Heather Meeker, partner at O'Melveny & Myers LLP and Philippe Ombredanne, founder at nexB Inc. discussed the latest open source software identification tools available for use in your compliance process.
Agenda
- Key Elements of a Policy for use of OSS
- Overview of OSS Identification
- Survey of open source and commercial tools for OSS Identification
- Rightsizing your OSS Identification Process and Tools.
If you are interested in open source scanning and open source compliance products, please visit http://www.nexb.com/, see also https://www.youtube.com/user/DejaCode/ for other webinar recordings.
Open Source and Patent Rights: Collaboration with ConsequencesAurora Consulting
How does the use of or contribution to open-source software impact your intellectual property rights?
In this month's episode, we’re talking about software and the convoluted risk/reward interplay between patents, copyrights, and open source. Use of free open-source code can be an invaluable tool when building complex software applications. Why reinvent wheels? And depending on resources and budget, sometimes it’s the only practical way. But like with most things, free often isn’t really free. The cost is just transferred somewhere else. When it comes to open source, these short term savings can have significant long term consequences for your intellectual property rights.
⦿ Can you mix open source with commercial software and still keep your code private?
⦿ Can you patent your own software that uses open-source software? If so, could you ever actually assert those rights?
⦿ Can you patent open-source software you author and why would you?
We'll discuss answers to these questions and more. Kristen Hansen, Patent Strategist and software patent guru here at Aurora, leads a discussion along with our all star patent panel, exploring:
⦿ The fundamentals of open-source licensing and how certain viral license types can require you to publicly make available your company’s source code.
⦿ How copyrights, patents, and open-source licenses differ in terms of software protection strategies.
⦿ And whether or not – and why you might – patent open-source software and the often proprietary code that leverages it, as well as the associated patent right assertion risks that can come with doing so.
We look at concerns through the eyes of both users and authors of open source. And pragmatically as we can, highlight how it’s possible to construct a strategy where open-source innovation is encouraged without forgoing all future earning power and without blocking others from using it.
Kristen has worked both as a Software Engineer and a Software Patent Agent for the last two decades. She has worked closely with software inventors from Big Tech Valley giants looking to utilize open-source software, while still maintaining their assertable patent portfolios. We couldn’t think of a better person to lead this conversation! Kristen is also joined today by our always exceptional group of IP experts including:
⦿ Dr. Ashley Sloat, President and Director of Patent Strategy at Aurora
⦿ Dr. David Jackrel, President of Jackrel Consulting
⦿ Ty Davis, Patent Strategy Associate at Aurora
Listen to the podcast:
Learn more: https://www.aurorapatents.com/blog/open-source-and-patent-rights
Streamline Open Source Compliance with Package Pre-ApprovalProtecode
Organizations are increasingly looking for ways to improve their compliance processes. Setting up a process for approving open source code, before it even enters the development environment helps ensure compliance issues are kept to a minimum.
Managing Software Inventories & Automating Open Source Software CompliancenexB Inc.
Stephen Gillespie of Fenwick & West and Michael Herzog of nexB review the most common open source license obligations, highlight the challenges of fast paced component-based software development from a compliance angle and what you can do to better monitor this in your software inventories.
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
2. Protecode Inc. 2014
Agenda
Why Licensing Matters
What defines Free and Open Source Software
Where to look
What to do with licenses found
Tools and Resources
Q & A
2
Normand Glaude,
COO, Protecode
nglaude@protecode.com
Disclaimer: I am not a lawyer. The material presented in this webinar in for informational
purposes only and not for the purpose of providing legal advice.
3. Protecode Inc. 2014
Open Source Software
The good: enables rapid software development
– Easy access to code, hundreds of thousands of projects
– Faster, more functional
– Enables new business models
The challenge: Uncertain ownership structure
– Intellectual property - copyright, license
– Requires due diligence
3
4. Protecode Inc. 2014
Why Licensing Matters
Copyright Laws are (mostly) Universal
– Governed by the WTO, 168 states parties to the
Berne Convention
• Copyright is automatic, whether registered or not
Open Source Licenses
– Copyright owner’s way of giving right to use
– Most open source licenses have obligations
– May or may not suit your business model
4
5. Protecode Inc. 2014
FOSS, as in Free Software?
Free Software, according to the Free Software Foundation:
“Free software” means software that respects users' freedom and community.
Roughly, it means that the users have the freedom to run, copy, distribute,
study, change and improve the software. Thus, “free software” is a matter of
liberty, not price. To understand the concept, you should think of “free” as in
“free speech,” not as in “free beer”.
Source: http://www.gnu.org/philosophy/free-sw.html
“… Open Source misses the point of Free Software.”
Source: http://www.gnu.org/philosophy/open-source-misses-the-point.html
5
6. Protecode Inc. 2014
FOSS, as in Open Source Software?
The Open Source Definition, according to the Open Source
Initiative:
1. Free Redistribution
2. Source Code
3. Derived Works
4. Integrity of The Author's Source Code
5. No Discrimination Against Persons or Groups
6. No Discrimination Against Fields of Endeavor
7. Distribution of License
8. License Must Not Be Specific to a Product
9. License Must Not Restrict Other Software
10. License Must Be Technology-Neutral
Source: http://www.gnu.org/philosophy/open-source-misses-the-point.html
6
7. Protecode Inc. 2014
Where to find licensing information
Everywhere!
– Any and every file in the package
• Source code, header files, license files, readme, archives…
– Even outside the package
• Website, forums
Information to consider
– Full License Text
– References to licenses
– Documentation that clarifies licensing
– Location where references/text was found
– Documentation external to package
7
8. Protecode Inc. 2014
File License
Reference to license information
– Typically found in the header section of the file
– Generally applies to the whole file (sometimes to code snippet)
– Impractical to include complete license text
8
10. Protecode Inc. 2014
Full License Text
Required by all licenses
– Web sites and links change over time
– A package is transferred as a unit == does not change
Contains
– Permissions, conditions, obligations, disclaimers, exceptions,
etc.
Location Matters!
– Where did you find the license file?
• At the root of the package?
• In a sub-folder?
• In a documentation folder?
– What is the scope of the license?
10
12. Protecode Inc. 2014
License Notices
Documentation about licenses
– Often found at or near the root of a package
– Contain statements and clarification about licenses
• Are they it conjunctive (AND) or disjunctive (OR)
• Are 3rd party components included or packaged separately
– Understand structure of package
Often depends on hosting forge and language
– Examples:
• Github license.md, readme.md
• Ruby packaged as Gem files with embedded license tags
Internal and External References
12
14. Protecode Inc. 2014
Project Types
Simple
– Homogenous licensing
– Original content, no 3rd party included in packages
Example: Apache HTTPClient
Composite
– Mixed or homogenous licensing
– Some original content, some 3rd party
Example: Vaadin
Distributions
– Mostly mixed licensing
– Mostly repackaged 3rd party
– Generally well structured, many packages
Example: 4MLinux
14
15. Protecode Inc. 2014
So, which license applies?
Dual and multi-licensing
– Pick one
Relicensing vs. sublicensing
– Pick
Compatibility of licenses
– Incompatibilities mostly with copyleft licenses
– GPL incompatibilities well documented
Files with no copyright
– Who’s creation?
Ask for clarification!
15
16. Protecode Inc. 2014
Tooling
Free Tools
– Perform a superficial scan of the source code
• Fossology (http://www.fossology.org)
• SPDX (http://spdx.org)
• Windriver (http://spdx.windriver.com)
• Ninka (http://ninka.turingmachine.org)
Commercial tools
– Perform a deep scan of the source code,
archives and binaries
• Use a reference database
• Identify full file content AND code snippet
• Find project information,
– source repositories, security vulnerabilities, etc.
– Perform local scan of the source code
• Identify attributes of proprietary software, not found in reference DB
16
17. Protecode Inc. 2014
Automated Software Scanning
Automated Scan (Protecode Enterprise AnalyzerTM)
• Target files: source code, binaries, archives
• Information files
– README, COPYING, LICENCE.txt, etc.
• Two-step scan:
1. Local scrubbing of software files
2. Similarity with public-domain OSS
• Fast: ~ 4k files (100 – 200 Mbytes)/hour
Raw machine output
• OSS projects, packages, versions,
licenses, copyrights, vulnerabilities,
encryption content, etc.
• Modified/unmodified software
• Proprietary, unknowns, conflicting licenses, etc.
17
18. Protecode Inc. 2014
Typical Licensing Issues
Uncovered in Open Source
OSS content with ambiguous / no license terms
– Software with copyrights but no licenses
– Software with authors but no copyrights / licenses
– Software with no pedigree information
– Software with conflicting license information
– Public domain software with proprietary licenses
Licenses business model mismatch
– i.e. modified restrictive/copyleft licensed content in
closed source commercial software
– Cloud deployments and newer license models
– Warranties and support models
– Attribution obligation
18
19. Protecode Inc. 2014
Open Source License Resources
19
Software Freedom and Intellectual Property Law
by Lawrence Rosen
• http://www.rosenlaw.com/oslbook.htm
Open Source Initiative
• http://opensource.org/licenses
Free Software Foundation
• https://www.fsf.org/
SPDX: Software Package Data Exchange®
• http://spdx.org
Fossology
• http://www.fossology.org/
Contact Us:
nglaude@protecode.com
http://protecode.com
Please type your questions into
the chat box to the right.