SFLC's Roadmap for Open Source Software Vendors
by Mike Gunderloy - Aug. 21, 2008Comments (0) | Trackback URL- Related Blog Posts
- Push Comes to Shove Comes to Whack-A-Mole: FSF Suit Against Cisco
- Black Duck Software on Open Source Myths
- Moody on Gartner: Math Is Right, But Needs to Show Work
- Book Review: Intellectual Property and Open Source
- Relax, Open-Source Lawyers Aren't About to Sue You
We've covered the Software Freedom Law Center's GPL enforcement efforts several times in the past. But their efforts on behalf of the free software community extend far beyond trying to right wrongs in court; they also do what they can to prevent the wrongs from happening in the first place. Their latest move in this direction is an online white paper titled "A Practical Guide to GPL Compliance."
If your company is thinking about shipping a product based on or including open-source software - especially if this software uses the GPLv2 or GPLv3 for its license - then this paper ought to be required reading. That's because it not only explains your obligations under the GPL (with emphasis on source code redistribution) but also lays out practical things you can do to prevent compliance violations from happening. Though the overall tone of the paper is suitable for management reading, lead developers should be aware of its contents too.
The best practices here will be of interest to development teams. These include identifying the deliverables you're producing that have license requirements, carefully monitoring the software that goes into your system, and having good change and release management systems. The goal is to avoid the "build guru" and to be able to reliably and reproducibly turn out the source for any given binary, along with the instructions for building it. (Of course, this is good practice for any software product, open source or not, but it's surprisingly difficult in practice for many shops).
The SFLC also carefully reviews how you can be in compliance with the licensing. This section is primarily aimed at management, but there will likely be surprises even for experienced open source developers. For example, do you understand which versions of the GPL allow source distribution solely via BitTorrent, and how that is limited?
Other topics covered include how to deal with any notification of noncompliance, how to maintain good relations with upstream software vendors, and the sorts of terms you might have to adhere to if you need to get back your rights to distribute after a violation. All in all, this is the sort of practical advice that can go a long way to counteract the FUD about free software licenses that is still far too common.
Vijaya Kumar Reddy Maddela uses OStatic to support Open Source, ask and answer questions and stay informed. What about you?
Comments
Share Your Comments
Trackback URL
Featured Member
View
Vijaya Kumar Reddy MaddelaWe will work on Java Composite Application and Open-esb Tools in providing solutions for different verticals
http://ostatic.com/trackback/171267