At the request of one of our customers, a software publisher, we carried out an audit to identify the Open Source components that had been used for the development of several of its globally distributed software. In this context, we analyzed the licenses under which they were distributed in order to deduce the obligations that weighed on the company. Subsequently, we supported our client in the implementation of a real governance of Open Source.

Case details

The legal department of one of our clients, a software company, discovered that some of the software that was distributed to their customers had been developed using open source components, some of which were subject to copyleft licenses. This distribution therefore required them, theoretically, to distribute and thus make public all the source code of their software.

Our intervention

We conducted an audit to identify the affected components and the licenses under which they were distributed. This audit allowed us to identify problematic components, i.e. those distributed under copyleft licenses and for which redevelopment or the purchase of a commercial license was required.

We then have: 

- Updated the license agreements to take into account this dimension; 

- Set up an internal committee dedicated to the management of Open Source and drafted an Open Source policy for developers; 

- Sensitized developers to the issue of Open Source.

The challenge 

We spoke with the developers and in particular the architects of the software in question in order to fully understand how the open source components communicated with the proprietary source code written by the company's employees. This understanding of how the software architecture works, coupled with a detailed analysis of the Open Source licenses considered, allowed us to provide the most relevant recommendations possible.