Developers in all organization sizes across the globe are looking to gain time and stop reinventing the wheel. Often, they use third-party open source components to solve their problems. Typically, these components are publicly available, free of charge, and with a large community support. Nevertheless, some dependencies are associated to viral licenses, which contaminate the source code of the application being developed. These licenses force developers to release the application code under the same conditions.

Licenses such as the General Public License (GPL) introduce a risk into the development process of closed source and dual license software vendors. Having a GPL dependency exposes your company, among other consequences, to lawsuits and devaluation of its software assets. Furthermore, if contaminant dependencies are not discovered early enough, the cost of replacing them can be expensive. Replacing a contaminant library may imply investing time and money searching for suitable open source or commercial options, and replacing the existing dependency.

Available solutions focus on correcting this problem only when the software has been built. It consists in scanning the source searching for unwanted licenses and then applying corrective actions. Sometimes this can be too risky and imply elevated development costs to replace an existing dependency. This is a reactive approach.

We advocate a quite different approach. Instead of scanning your application's code once it has been developed, we propose to supervise it continuously, meaning while your developers code and introduce new dependencies. In this way, whenever a developer introduces an open source dependency, you know it immediately. Antepedia Notifier enables you to react faster and more effectively to soften the license risk. This is a pro-active approach.

With Antepedia Notifier, developers and managers can easily be pro-active while they commit files and control the licensing compliance. Instead of waiting the last minute, be pro-active and control your software by continuously detecting open source components in your source code.