License Compliance Management in Practice

VersionEye was set up to aggregate details on the different artifacts you consume in your development projects. The data VersionEye produces can feed important information to your continuous development pipeline or support your quality gates and thereby increase the quality of your software product in terms of security and compliance to the associated licenses or with respect to your specific company policies. The VersionEye whitelist can already be regarded as such a quality gate.

Two years ago, I got to know Karsten from {metæffekt}. He just founded the company in early 2016 with the goal to support others in building up and supporting a continuous development pipeline. While this is all not new, his focus is on adding aspects of continuous documentation and continuous license compliance to the picture. He argues, that any shipment of software using open source components requires documentation on the used third-party components, including the license information, license texts and – if required by the license – the source code. Last but not least the documentation must include notices that support the fulfillment of the obligations derived from the licenses.

Karsten immediately included VersionEye as a source for information in his processes and services. In the meantime, he and his team created a substantial network of layers, companies, and customers. Within that network and as members of different organizations they work on the primary rules of conduct to address the license compliance aspect in industry.

{metæffekt} is primarily a service provider. They support companies to aggregate the information required for the assessment of license compliance of a software product. They drive and moderate the communication between the different stakeholders and disciplines in a firm and discuss questions and ambiguities in their network and the communities. They know the subject in theory and – most important – in practice. They are rather tooling agnostic. Thus, it does not matter too much to them if assets already exist in your company.

Karsten and his team offer different kinds of services. They do seminars and offer initial consulting services for a moderate budget to get an impression on a companies’ status quo. If you feel uncertain on the topic of license compliance management in your organization – in particular after VersionEye is shutting down, I can recommend to reach out to Karsten.

You can find information and contacts on http://www.metaeffekt.com/index.html.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s