Testing Software Code for Open Source Components

"Software houses can check whether the code they develop has copied even just one snippet of code from any of 38 million open source files, using a new product that relies on source code 'fingerprinting' to reduce the risk of getting sued.

The product from San Francisco-based Palamida promises to give customers a full understanding of the origin, version, location and licence of open source and other third party code in their software products and applications.

While open source software can be used in commercial products, vendors must comply with the licence terms. The risk of misuse was highlighted last month when the UK subsidiary of security software firm Fortinet settled a lawsuit over its alleged non-compliance with the terms of the General Public Licence (GPL), which underpins the distribution of most open source software. So any software house needs to be aware of what third party code has been used in development projects."

For links, see this Information Policy post.