The Linux Foundation has released the second edition of Open Source Compliance in the Enterprise by Ibrahim Haddad, which offers organizations a practical guide to using open source code and participating in open source communities while complying with both the spirit and the letter of open source licensing.
This fully updated ebook — with new contributions from Shane Coughlan and Kate Stewart — provides detailed information on issues related to the licensing, development, and reuse of open source software. The new edition also includes all new chapters on OpenChain, which focuses on increasing open source compliance in the supply chain, and SPDX, which is a set of standard formats for communicating the components, licenses, and copyrights of software packages.
“Open source compliance is the process by which users, integrators, and developers of open source observe copyright notices and satisfy license obligations for their open source software components,” Haddad states in the book.
This 200+ page book encompasses the entire process of open source compliance, including an introduction on how to establish an open source management program, a description of relevant roles and responsibilities, an overview of common compliance tools and processes, and all new material to help navigate mergers and acquisitions. It offers proven best practices as well as practical checklists to help those responsible for compliance activities create their own processes and policies.
Essential topics covered in this updated ebook include:
- An introduction to open source compliance
- Compliance roles and responsibilities
- Building a compliance program
- Best practices in compliance management
- Source code scanning tools
To learn more about the benefits of open source compliance and how to achieve it, download the free ebook today!
- The Linux Foundation Brings Together IT and Finance Teams to Advance Cloud Financial Management and Education - June 29, 2020
- SODA Foundation Gains New Investments, Expands Charter to Address Increasing Need for Data Autonomy - June 29, 2020
- SPDX Specification Becomes the Second ISO/IEC JTC 1 Submission From JDF - June 29, 2020