Publications

Reports and Guides from the Linux Foundation

Explore Linux Foundation Publications

Discover insights from our projects and open technology thought leaders.

Open Source: The Missing Data and Management Layer

Today’s economy runs on open source, and organizations must be able to coordinate their internal contributions to open source projects, measure the outcomes, and gather all the different pieces of data, including code contributions, event talks and attendance, project governance, and technical advisory committee roles — It is both painful and ...

New Horizons for Open Source

In 2021, The Linux Foundation continued to see organizations embrace open collaboration and open source principles, accelerating new innovations, approaches, and best practices. As a community, we made significant progress in the areas of cloud-native computing, 5G networking, software supply chain security, 3D gaming, and a host of new industry ...

TODO Group: Why Open Source matters to your enterprise

There are many business reasons to use open source software. Many of today’s most significant business breakthroughs, including big data, machine learning, cloud computing, Internet of Things, and streaming analytics, sprang from open source software innovations. Open source software often comes into an organization as the backbone of many ...

Linux Foundation Annual Report 2020

2020 has been a year of challenges for the Linux Foundation (“LF”) and our hosted communities. During this pandemic, we’ve all seen our daily lives and those of many of our colleagues, friends, and family around the world completely changed. Too many in our community also grieved over the loss of family and friends. It was uplifting to see LF ...

An open guide to evaluating software composition analysis tools

With the help of software composition analysis (SCA) tools, software development teams can track and analyze any open source code brought into a project from a licensing compliance and security vulnerabilities perspective. Such tools discover open source code (at various levels of details and capabilities), their direct and indirect dependencies, ...

Software-defined vertical industries: transformation through open source

What do some of the world’s largest, most regulated, complex, centuries-old industries such as banking, telecommunications, and energy have in common with rapid development, bleeding-edge innovative, creative industries such as the motion pictures industry? They’re all dependent on open source software.

Report on the 2020 FOSS Contributor Survey

Free and Open Source Software (FOSS) has become a critical part of the modern economy. It has been estimated that FOSS constitutes 80-90% of any given piece of modern software, and software is an increasingly vital resource in nearly all industries. This heavy reliance on FOSS is common in both the public and private sectors, in both tech and ...

Linux Kernel History Report 2020

There are many business reasons to use open source software. Many of today’s most significant business breakthroughs, including big data, machine learning, cloud computing, Internet of Things, and streaming analytics, sprang from open source software innovations. Open source software often comes into an organization as the backbone of many ...

Solving technical debt with open source

In a new Linux Foundation paper, Technical Debt and Open Source Development, co-authored by Ibrahim Haddad, Ph.D., and Cedric Bail, M.Sc., the causes and consequences of technical debt are explored in detail. It includes discussions on identifying technical debt, how to minimize it, the role of open source development, and strategies to address the ...

Understanding US export controls with open source projects

One of the greatest strengths of open source development is how it enables collaboration across the entire world. However, because open source development is a global activity, it necessarily involves making software available across national boundaries. Some countries’ export control regulations, such as those of the United States, may require taking ...

A guide to open source software for procurement professionals

The first and most important step in negotiating any agreement is always to get the facts. For example, when negotiating a software development agreement, the developers for both parties probably assume that the software will include many pre-existing components written by third parties. If the procurement and legal personnel negotiating the ...

Docker containers: What are the open source licensing considerations?

Deployment, distribution, and execution of software, and especially services, have changed significantly in the last few years. A few years ago, a person had to install a Linux-based OS distribution with the necessary software and dependencies; these days, it is much more common to “spin up a Docker container” and run a service. A container is ...

Open Source Software Supply Chain Security

As cybersecurity incidents have continued to grow in magnitude, frequency, and consequences, both public and private sector attention has turned to questions of what, if anything, organizations may do to better manage the risks of today’s modern, connected world.

Improving Trust and Security in Open Source Projects

When you take a step back and think about the volume of emerging technology and think about industry trends such as increasing the velocity of software releases and the reuse of code and services, you could be forgiven for holding your hands up and concluding that things are trending in the wrong direction for us to ever have secure software.

Assessment of Open Source Practices as Part of Due Diligence in Merger and Acquisition Transactions

This open source merger and acquisition (M&A) assessment checklist is intended as a tool to help evaluate the open source practices of an organization as part of the due diligence process. The checklist presents a set of recommended practices distilled from the experiences of organizations committed to encouraging the use of open source ...

Open Source Compliance in the Enterprise

Open Source Compliance in the Enterprise, 2nd edition, by Ibrahim Haddad outlines best practices for organizations to adopt and use open source code in products and services, as well as participate in open source communities in a legal and responsible way.

Enterprise Open Source: A Practical Introduction

If your company is involved in software engineering, it is very likely you already use open source software in your products or services; if so, you must have an open source strategy to ensure you are making the best use of open source software while protecting yourself from potential risks and liabilities.

Practical GPL Compliance

Practical GPL Compliance is a guide for startups, small businesses, and engineers tasked with shipping products that contain GNU General Public License Version 2 (GPLv2) code. Whether you work in consumer electronics, drones, IoT, or automotive devices based on generic Linux or Android code-bases, this guide is for you. In this 50+ page guide ...