Blackduck Software and IP
Dan Jenkins
dan at rastech.com
Fri Jan 16 00:02:36 EST 2009
Paul Lussier wrote:
> BlackDuck (i.e. specifically my friend) has spent months painstakingly
> researching each and every package for Debian (and probably RH,
> others) and created a database correlating versions with packages with
> licenses, etc. Additionally, they've created checksums of everything
> such that they can scan large repositories and detect these signatures
> to help you determine if what your shipping falls under certain
> licenses.
>
> They are in fact a legit company, consisting of people who hold FOSS
> very near and dear. They have just found a way to monetize a service
> around FOSS as well.
>
Oh, I wish I had known about them a year ago when I had to manually do
much the same at a client.
(As well as trying to explain fourth hand to a lawyer what a compiler
was and why we needed to use one - and, no, we couldn't write our own.)
They could have saved us several man months of effort, which was
critically needed on actual development then.
More information about the gnhlug-discuss
mailing list