Language Selection

English French German Italian Portuguese Spanish

Black Duck Gains Access to SourceForge

Filed under
OSS

On Monday, Black Duck Software Inc., a leading provider of software compliance management solutions, and SourceForge.net, one of the world's largest open-source collaborative development sites, will announce that Black Duck will be able to use SourceForge's program repository to make its software compliance program more efficient.

SourceForge.net, a subsidiary of VA Software Corp., hosts more than 103,000 open-source projects, and has over 1,100,000 registered users using its resources to accelerate their own software development efforts. Black Duck will host a replicated version of the SourceForge.net software repository.

The software program collection will be used to provide users of Black Duck's protexIP software compliance management platform with the assurance that their in-house developments are being checked for possible license and IP (intellectual property) problems against SourceForge's enormous open-source program collection.

This deal is a follow-up to VA Software and Black Duck's earlier partnership. In that arrangement, the two companies announced an integrated product. This dual product brought together Black Duck's protexIP with and VA's SourceForge Enterprise Edition distributed development environment.

The protexIP system uses a knowledge base of "code prints" to uniquely identify programming code and its licensing information. This information is then used to validate whether companies are correctly using the open source code within their applications. When there's a problem, the program alerts developers and managers to possible license obligations and conflicts.

SourceForge, besides including open-source programs from many individuals and small groups, also includes software projects by NASA, Microsoft Corp., Google Inc., IBM and Salesforce.com.

Full Story.

More in Tux Machines

Android Leftovers

Mozilla: Code of Conduct, Kelly Davis, Celebrate Firefox Internet Champions

  • ow We’re Making Code of Conduct Enforcement Real — and Scaling it
    This is the first line of our Community Participation Guidelines — and an nudge to keep empathy at center when designing response processes. Who are you designing for? Who is impacted? What are their needs, expectations, dependencies, potential bias and limitations?
  • Role Models in AI: Kelly Davis
    Meet Kelly Davis, the Manager/Technical Lead of the machine learning group at Mozilla. His work at Mozilla includes developing an open speech recognition system with projects like Common Voice and Deep Speech (which you can help contribute to). Beyond his passion for physics and machine learning, read on to learn about how he envisions the future of AI, and advice he offers to young people looking to enter the field.
  • Celebrate Firefox Internet Champions
    While the world celebrates athletic excellence, we’re taking a moment to share some of the amazing Internet champions that help build, support and share Firefox.

Canonical Ubuntu 2017 milestones, a year in the rulebook

So has Canonical been breaking rules with Ubuntu is 2017, or has it in been writing its own rulebook? Back in April we saw an AWS-tuned kernel of Ubuntu launched, the move to cloud is unstoppable, clearly. We also saw Ubuntu version 17.04 released, with Unity 7 as the default desktop environment. This release included optimisations for environments with low powered graphics hardware. Read more Also: Ubuntu will let upgraders ‘opt-in’ to data collection in 18.04

The npm Bug

  • ​Show-stopping bug appears in npm Node.js package manager
    Are you a developer who uses npm as the package manager for your JavaScript or Node.js code? If so, do not -- I repeat do not -- upgrade to npm 5.7.0. Nothing good can come of it. As one user reported, "This destroyed 3 production servers after a single deploy!" So, what happened here? According to the npm GitHub bug report, "By running sudo npm under a non-root user (root users do not have the same effect), filesystem permissions are being heavily modified. For example, if I run sudo npm --help or sudo npm update -g, both commands cause my filesystem to change ownership of directories such as /etc, /usr, /boot, and other directories needed for running the system. It appears that the ownership is recursively changed to the user currently running npm."
  • Botched npm Update Crashes Linux Systems, Forces Users to Reinstall
    A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot. Changing ownership of these files either crashes the system, various local apps, or prevents the system from booting, according to reports from users who installed npm v5.7.0. —the buggy npm update.