Antelink Presentation at EOLE 2011, Barcelona, Spain

Post on 18-Dec-2014


description

Today, most software development teams use free and open source software (FOSS) components, because they increase the speed and the quality of development. Many open source components are the de facto standard of their category. However, FOSS has licensing restrictions, and corporate organizations usually maintain a list of allowed and forbidden licenses. But how do you enforce this policy? How can you make sure that ALL files in your source depot either belong to you or fit your licensing policy?

Transcript of Antelink Presentation at EOLE 2011, Barcelona, Spain

1© Copyright 2010-2011 Antelink SAS

EOLE 2011, Barcelona, Spain

Managing FOSS during development: preventive and curative approaches.

Guillaume ROUSSEAU, CEO


Table of Content

– About Antelink
– Open Source goes mainstream
– Third-party related quality issues
– Preventive vs curative approaches
– Antepedia, toward the census of open source code history


About Antelink

A venture-backed European software vendor specializing in:

– software lifecycle management
– the detection of open source components

Antelink helps you keep control of your software integration and supply chain in a globalized world.


About Antelink

– Open Compliance Program
– Software Package Data Exchange
– Software Quality Assurance and Trustworthiness (SQUAT)
– +3.000 projects / +10.000 users


Open Source has gone mainstream


By 2013, 90% will include OSS as part of their IT strategy

"This continues the existing trend for combining internal IT resources with contractors, both onshore and offshore providers, and use of Open Source."

Melinda-Carol Ballou, Program Director, Application Life-Cycle Management & Executive Strategies


Leading to a dramatic increase in complex sourcing

[Diagram labels: Authors; Developers; Software Factory (compile, test, integration test, package, analysis); Product; Final product; Bill of Material]


Know what is in your code ...

[Diagram labels: Your Code; Origin (? ???); Internally developed; Third-party Open Source; Outsourced Development; Third-party Commercial]


… keeping control of your software integration and supply chain

[Diagram labels: Developers; Build Engineer; Lawyer; Customer; Software Factory (compile, test, integration test, package, analysis); Product; Final product; Bill of Material; Production (deployment)]


Address licensing issues analyzing the legal situation

[Diagram labels: Bill of Material; Authors; = Legal Situation]

Perceived Legal Situation VS Automated Legal Situation Mining

– Increase Legal Quality
– Save time
– Ease communication


A reference from


– Identify security vulnerability
– Manage version updates


– Avoid late charges and budget overrun
– Reduce operation loss


How to enforce your open source policy: Preventive vs curative approaches

Preventive:

– As often as possible
– Integrated in the continuous integration process

Curative:

– At the end of the release process
– When a major event occurs


Preventive vs curative approaches: Pros …

Preventive:

– Avoid late charges and budget overrun
– Reduce operation loss
– Cover short/mid/long term risks
– Integrated to the quality process

Curative:

– You pay when it is REALLY worth it
– Few people are involved (audit team)


Preventive vs curative approaches: … and cons

Preventive:

– Need affordable tools
– Need tools with very few false positives
– Need different tools for different users

Curative:

– More expensive (tools + remediation)
– Done in emergency (lot of stress)
– Will cover only short term risks
– May be too late ...


Be pro-active, empower as soon as possible everyone involved in the software lifecycle to mitigate risks that can doom your software assets.

Want to try one of them?

Don't wait until there is a fire at home


Antepedia : The world's largest Knowledge Base of open source projects

More than 1,000,000 open source reusable components … and counting

+1,000 projects each day


Antepedia Search http://www.antepedia.com

[Diagram labels: Single file; Cloud service; Original project; License information; Release date and location]


The life of an open source project is also complex


http://jwebmail.sourceforge.net/news.html

http://jwebmail.sourceforge.net/about.html

http://sourceforge.net/projects/jwebmail/

Inconsistent License Information

Smart Apps for Great Development Teams!

Contact information

Visit our web site: http://www.antelink.com

Try Antepedia: http://www.antepedia.com

Contact us: contact@antelink.com

Tel: +33 (0)1 42 39 30 78

18, Rue Yves Toudic, 75010 Paris 10ème, France