When you create proprietary code, using even one open-source component within a subcomponent could cause your project to become open-source code. Jeanette Sherman of Mend Security discusses the need to identify open-source code and the license types being used.
She explains why you need to identify not just direct dependencies but also transitive dependencies.
In this eBook, Sherman also discusses:
- Why failure to ensure visibility over open-source software use can be costly;
- How the problem encompasses both your existing code base and new code in development;
- How automating software competence enables you to pick which license types you want to allow, decline or examine further.