Product News : Black Duck Integrates Open Source Governance and Compliance into the Software Development Life Cycle
on 2013/1/15 10:21:41 (665 reads)

Black Duck Software announced the release of Black Duck Suite 6.2, adding new capabilities which help development and legal teams work more effectively together to expedite the adoption of open source software (OSS). Suite 6.2 adds new license obligation management capabilities, new development tool integration support through Software Development Kit (SDK) enhancements, and updated support for SPDX 1.1, allowing organizations to more effectively implement open source governance and compliance throughout the software development lifecycle (SDLC).


IDC reports that open source makes up 30 percent or more of the code at major G2000 organizations and is increasingly looked to as a development resource, and that the control and management of open source components is especially important. Properly vetting open source before development is underway avoids costly rework later in the SDLC and helps mitigate the risk of unknown/undocumented open source software usage. By enabling the rapid understanding of more than 2,200 licenses, the new obligation management features give developers better visibility into the license terms and obligations associated with a component, while helping track the fulfillment of those obligations.

The release also includes expanded SDK support, enabling integration and customization into existing ALM environments and adding transparency to the open source governance process. For example, the new Maven build tool connector facilitates the continuous monitoring of the open source content of a project at every build. Similarly, Black Duck customers can use the SDK to build additional integrations and ensure compliance in their own SDLC, as needed.

Support for SPDX® has been upgraded to the latest SPDX version 1.1 specification, enabling standardized communication of open source use. SPDX reduces redundant work for supply chain partners by providing a common format for companies and communities to share important data about software licenses and copyrights, thereby streamlining and improving compliance. The SPDX specification is developed by a working group of the Linux Foundation, and Black Duck has been involved in all aspects of the project from the outset.

“The enhanced capabilities of Suite 6.2, which easily integrates governance and compliance into all stages of the software development lifecycle, make the Suite the most powerful open source governance platform for both developers and organizations as a whole,” said Black Duck President and CEO, Tim Yeaton. “This latest release helps developers build better software faster, delivering on our mission to help organizations harness the power of open source technologies and methods for faster innovation, greater creativity and improved efficiency in their software development efforts.”

About Black Duck Software


Offering award-winning software and consulting, Black Duck is the partner of choice for open source software adoption, governance and management. For more information about how to leverage open source to deliver faster innovation, greater creativity and improved efficiency, visit www.blackducksoftware.com.


Copyright (c) 2007-2014 Martinig & Associates | Methods & Tools Software Development Magazine | Privacy Policy