Endocode believes that Free and Open Source software benefits all of us. Open Source licenses provide the legal backbone for our intentions to share the created code so that everybody can use, study, modify and improve it. Copyleft licenses, in particular the GPL, model this relationship in a reciprocal manner by requiring all modified and extended versions of the code to be free as well. Some of our Quartermaster code is released under the GPL-3. We also believe that our users share this vision and comply with the terms of the license by default, and that deviations from this norm are probably honest mistakes. By entering into the GPL cooperation commitment, Endocode aims at giving a fair chance to correct violations before licenses are terminated.
April 11 marks an important milestone in our favourite compliance project of the year: Quartermaster - the compliance tool that implements a full Open Sourcce license compliance audit as part of a modern DevOps cycle. On April 11, 2018 Endocode will host the Quartermaster v.0.2 requirement workshop. This workshop marks the end of the development of v.0.1 of Quartermaster. A development cycle that added a completely new architecture, a modular implementation, a master graph database, gPRC based APIs for phase-specific modules written in different programming languages, and more demo builds to the initial prototype.
Today is the 14th of February. An important day for people worldwide. Why? Well obviously because it is “I love Free Software”-Day! The “I love Free Software Day” is where we give a shout out and thank you to all contributors in the community. What unites us as a community is that we share ideals like collaboration, constant improvements and equal opportunity to access, learn and contribute to Free Software. And all this would not be possible without everyone contributing their piece of the puzzle: The developers, the designers, the translators, the lawyers, the testers, the documentation writers and last but not least, the pizza bakers.
Maybe it’s just me, but it seems like Marty McFly somehow stole 2017 because it’s almost over and I’m sure it was only yesterday that we shared what Endocode achieved in 2016. Yet somehow, here we are and a lot has happened in 2017. We continued to shape our concept of life-long learning in tech in the Endoctus Academy, and started a new initiative to improve the overall state of FOSS compliance.
Auditing and documenting Open Source license compliance is a strict requirement for any software vendor or device manufacturer. Open Source licenses commonly require products to be accompanied with offers to provide the full corresponding source code, authors to be attributed, and other documentation. In addition to that, Open Source license compliance needs to be audited continuously, for each build, along the complete supply chain of the product. These challenges are various and well known in the IT industry.
As of today, Endocode joins the community of OpenChain conformant organisations. Being Open Source license compliant is a hygiene factor that everybody who uses Open Source technologies needs to constantly maintain. It is one aspect of being a good citizen of the Open Source world. However, maintaining compliance throughout the supply chain of a complex product that may include incoming external contributions is not trivial. The OpenChain project aims at making Open Source license compliance simpler and more consistent.