Handling Open-Source Content Licensing: Wrong Answers Only
Mend Security's Jeanette Sherman on the Need to Identify Code, License Types
When you create proprietary code, even using a component of open-source code within a subcomponent could cause your project to become open-source code. Jeanette Sherman of Mend Security discusses the need to identify open-source code and the license types being used.
She explains why you need to identify not just direct dependencies but also transitive dependencies.
In this interview, Sherman also discusses:
- Why failure to ensure visibility over open-source software use can be costly;
- How the problem encompasses both your existing code base and new code in development;
- How automating software competence enables you to pick which license types you want to allow, decline or examine more.