Category: Tuesday Surprise

Community open source projects that become successful are often commercially relevant. Hence, to prevent abuse, the project founder or a supporting foundation acquires a trademark to the name of the project. If you want to build a business based on the project, you’ll want to use the trademark in advertising your product, and if you…

Any project or product that uses open-source software becomes dependent on it. Introducing such a dependency should be thought through in detail, in particular if the software is to be used as a component in a commercial product. Most notably, you need to understand the intentions of the open source programmers then and how they…

Some time ago, people wondered (and worried) whether the cloud will kill open source. Today we have an answer, which is: The cloud is open source, most of it anyway. So we observe a peaceful coexistence, with both community and commercial open source software working well with cloud services. However, I would like to go…

I just received the following question: “We ship our software application as a container image built on a base image. Surely we don’t have to worry about open source license compliance of the base image, do we?” My answer is: “Of course you have to worry.” Let me explain this step by step. If you…

The human brain is just amazing when it comes to making sense of words. Still, it helps to be precise about terms, because it reduces confusion and improves understanding. One such terminology confusion in open source is between the concepts of dependency graph and software supply chain. A dependency graph is a set of components…