Tracking which software licenses are being used as part of an application
development lifecycle is an important activity. Developers need to know
where code is being used and whether or not it has been approved for use.
Software licensing vendor Black Duck now claims to have both parts of the
software licensing issue conundrum in check with its new Code Center
application working in concert with Black Duck’s protexIP software
compliance management platform.
“What we have designed is an enterprise class management system that is
designed to enable software developers to maximize the use of code
components and also maximize re-use scenarios using either open source or
third party code,” Black Duck CEO Doug Levin told InternetNews.com.
Black Duck’s Code Center includes search, selection and approval workflow
capabilities as well as a whole set of tracking mechanisms for software
components. Levin noted that code re-use is becoming increasingly more
common with enterprises using open source code components as well as third-party Java source code in the form of .jar files.
In addition to identifying what is being used as part of a particular
software development project, Code Center also enables users to check to see
if a particular piece of code is being used somewhere else.
Levin noted that as code components move throughout the application
development lifecycle it’s good to be able identify the source of where the
code the code came from as well whether or not it has already been approved
for use.
While code management is a very competitive market with big vendors like
IBM’s Rational holding sway, Levin sees Code Center as being a complementary
effort.
“IBM is a strategic partner of ours and we’ll integrate with the whole range
of Rational projects,” Levin said. “We don’t compete with Rational because
the main benefit of Code Center is for dealing with components that are
outside of the company and are being licensed in or downloaded. Most
rational product deal with software files that are located inside the
company and don’t have an outside component. So we’re very complementary.”
In addition to IBM Rational, Code Center also has support for Eclipse and
will work with Eclipse based IDEs
The Black Duck Code Center will be available as a standalone product though
Levin noted it makes sense to be used together with Black Duck’s current
flagship product protexIP. Levin explained that what protexIP does is code
analysis to do the final build report for an application identifying all the
included licenses and any associated licensing issues.
In Levin’s view Code Center makes sense at the beginning of the software
development lifecycle as a complement to what protexIP can do at the end.
That said, there could be a need for protexIP at the beginning of the process
as well helping developers to try and determine what a particular component
of open source or third party code actually contains from a licensing
perspective.
One of Levin’s success criteria for the roll out of Code Center in fact is
that a good number of Black Duck’s existing protexIP customers adopt Code
Center.
There has been increasing emphasis in recent months on managing open source
code in order to ensure that it is being used properly. The Software
Freedom Law Center bringing legal suits on
behalf of developers against a trio of companies including
Verizon.
Black Duck’s protexIP is among the solutions that may help to
keep
enterprises away from the courtroom. Just last week HP launched its
own effort to help enterprises with open source licensing issues.
“We think there is a whole group of enterprise customers that are that just
starting to adopt open source and they are looking to support it,” Levin
said. “We hope they will start with Code Center and then back into protexIP”