Black Duck and Palamida plug-in to Eclipse
Know your code
Software licensing specialists Palamida and Black Duck Software are bringing IP compliance to application development tools built using the open source Eclipse framework.
Palamida announced Tuesday plans for a plug-in to Eclipse for its IP Amplifier product, which consists of a compliance library and detector used to identify software licenses in companies' code.
The plug-in, expected during the next six months, was announced as Palamida also said it is joining Eclipse as an Add-In Provider, at the O'Reilly Open Source Convention (OSCON). Palamida joins Black Duck who on Monday used OSCON to deliver an Eclipse-based plug-in for its protexIP compliance suite.
Black Duck also announced a deal with SourceForge, the online home to 103,000 software development projects, to host a replicated version of the SourceForge service. Black Duck's protexIP will run against SourceForge to check for latest licensing and IP status of the myriad software packages. Palamida said it was an existing user of the SourceForge service.
Both companies plug-ins are designed to help detect and verify the type of licensing associated with code in the software customers are building, when working with Eclipse-based application lifecycle management (ALM) tools.
The companies hope to help developers by reducing the delays associated with threading through code to identify software licenses while also helping save employers from costly legal actions over potential IP violations at a later stage.
By working with Eclipse, Black Duck and Palamida are reaching out to a growing and potentially powerful class of ISVs who are building ALM tools on Eclipse.
Eclipse began life building a common, open integrated development environment (IDE) framework consisting of an interface, code debugger and repository that third parties could easily snap into without special engineering. The group has since moved further up the application lifecycle chain with the Test and Performance Tools Platform (TPTP) and the Business Intelligence and Reporting Tools (BIRT) projects.
Those backing Eclipse include IBM Rational, using Eclipse as the basis for its ALM tools, along with ISVs who have produced nearly 1,000 plug-ins to enhance functionality across the ALM chain.
Mark Tolliver, Palamida's chief executive, said it is important to provide application developers using Eclipse with tools that can help them identify and police IP from early on in the application's lifecycle. "Getting the entire development chain instrumented for proper and easy IP management is one of the next steps from an infrastructure point," Tolliver told The Register.
While a great deal has been written about IP concerns in relation to open source software, Black Duck and Palamida are keen to highlight an area that can also apply to "closed source" software development. That concern centers around the use of Eclipse-based ALM tooling by IT teams who use and re-use third parties' software - not necessarily open source - in the field of component-based development.
Palle Pederson, Black Duck's chief technology officer (CTO), said his company's plug-in would help solve potential licensing problems in projects using component based development techniques.
"The move toward component-based development and the exploding use of open source software have made it increasingly difficult for developers to attest to the origins and obligations associated with their mixed-IP software projects. We hope to make the developer's life easier by managing this complexity," Pederson said in a statement.®
Sponsored: Becoming a Pragmatic Security Leader