Business users of open source software should review their open-source licensing agreements, audit their use, and create formal policies for managing source code, especially mixed-source code.
That’s the view of analyst group Saugatuck Technology, which has found that the rapid proliferation of open source software in the enterprise is being mirrored by an explosion in open source licensing types.
Saugatuck recently released a report on the subject, titled “Emerging Licensing Differences: Risk to Open Source Users and Vendors?”
The plethora of open source licences has the potential to present major management problems for corporate users, Saugatuck says.
Considering that one of the top four reasons given by user executives (especially at small- and medium-sized enterprises) for adopting open source software is the “Ability to adapt and refine source code”, the likelihood of user enterprises violating or impinging upon multiple licence terms increases, according to Saugatuck.
Most IT directors think of open-source licensing as GPL, BSD and perhaps one or two others, but Saugatuck has found there are more than 1,000 types of open-source licences.
“That number is likely to increase, as are the complexities of the licences themselves, and the issues regarding licence-compliance.”
Saugatuck predicts that open-source licensing will extend into multiple formats, to the point where “we will see users of a single solution from one vendor that contains open source code from multiple vendors being required to comply with multiple licensing terms simultaneously.”
This issue has been highlighted in some open source discussion forums, but it is largely being ignored by IT and business leaders.
In the longer term — after 2010 — Saugatuck thinks that the open source community will be able to “bring vendors and users back into a more cohesive community”.
But the short-term outlook for end users still looks “extremely messy”.