Patching: Best practices in identifying the correct license

Open Source is everywhere. Experienced developers do not write code from scratch; they know where to get it. Improving productivity, shortening time to market, and reducing development costs are all good reasons to use Open Source code. However, by using Open Source components, organizations ultimately take responsibility for code they did not write.

One interesting aspect of Software Composition Analysis is how to handle patches. Patches often come bundled in a single file that modifies several other files of an existing software component. Sometimes a patch contains a license, sometimes not. Sometimes it is clearly applied to one file of a component with a well-defined license. Sometimes a patch file patches files from different components (or files) with different licenses. Sometimes a patch fixes a source code file; sometimes it is applied to config files or makefiles.

What does this mean for the license of the patch file itself?

Read the full story by Dr. Andreas Kotulla, Founder and CEO of Bitsea, here.
