ChatterBank1 min ago
Black Duck?
10 Answers
has anyone any experience of this? what does it actually search for? in source? in object? if you don't know what I'm talking about then do not attempt to answer this.
Answers
Best Answer
No best answer has yet been selected by ToraToraTora. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.Black Duck is one of a number of companies ( this is an American one) that provides to clients an open source software programme which is used by its clients to analyse and collate information and to share it if they so desire. Its obvious use is in market research but it can be used as a predictor of sorts if the code is applied to that aim. Some think it is the tool of the future in corporate development some think it is the devil's work and is big brother made real. To answer 3T's initial post ! It will search or analyse whatever information a programmer can get it to collate. 2 Open source software is software with source code that anyone can inspect, modify, and enhance.
3 In Object. Now that is a very complex question as is the subject, and would need a full lecture and a better qualified man than me (or woman) you will need to consider, Modularity, Information-hiding, Code re-use, Pluggability and debugging ease. In short it is a programme designed for business use.
3 In Object. Now that is a very complex question as is the subject, and would need a full lecture and a better qualified man than me (or woman) you will need to consider, Modularity, Information-hiding, Code re-use, Pluggability and debugging ease. In short it is a programme designed for business use.
If there is a bit of techsing grandmother to suck eggs in this, tough.
Open source software allows other people to use and modify the code for their own purposes. The usual licence under which you can do this includes a statement that your modified version of the code is also to be open source (and therefore made available to others) and that the code cannot usually be used for commercial gain (even if it is modified).
Black Duck seems to be a set of software tools which will search your code for open source software, check the licence and flag it up if you, as a commercial developer, are including any in your application.
That doesn't stop you using open source code, but you might have to check the licence terms, get permission from the author(s) to use that code, make the modified version available under the same terms as the original licence and include an acknowledgement in your own documentation that you are using one or more pieces of open source code in your application.
Given the complexity of some applications, doing the checking manually could get to be a bit of a pain, so the Black Duck software does it for you, and will also notify you if any of the open source code you are using has known security vulnerabilities.
I'd guess that it searches source code rather than object, and won't flag up snippets but would pick up on a substantial chunk of code from an open source application. for more technical stuff, you'd have to find the right person to talk to at Black Duck.
Open source software allows other people to use and modify the code for their own purposes. The usual licence under which you can do this includes a statement that your modified version of the code is also to be open source (and therefore made available to others) and that the code cannot usually be used for commercial gain (even if it is modified).
Black Duck seems to be a set of software tools which will search your code for open source software, check the licence and flag it up if you, as a commercial developer, are including any in your application.
That doesn't stop you using open source code, but you might have to check the licence terms, get permission from the author(s) to use that code, make the modified version available under the same terms as the original licence and include an acknowledgement in your own documentation that you are using one or more pieces of open source code in your application.
Given the complexity of some applications, doing the checking manually could get to be a bit of a pain, so the Black Duck software does it for you, and will also notify you if any of the open source code you are using has known security vulnerabilities.
I'd guess that it searches source code rather than object, and won't flag up snippets but would pick up on a substantial chunk of code from an open source application. for more technical stuff, you'd have to find the right person to talk to at Black Duck.