Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Re: Production Environments and "Foreign" Code

by IlyaM (Parson)
on Mar 12, 2003 at 14:42 UTC ( #242366=note: print w/replies, xml ) Need Help??

in reply to Production Environments and "Foreign" Code

What stops your company from adopting CPAN modules as its "own"? I mean it is open source after all and not some proprietary black box libraries. Get modules you need into your CVS, do their code review, if you want write tests with 100% coverage if modules don't have them. It still will be more time efficient then doing everything from scratch.

Ilya Martynov,
Quality Perl Programming and Unix Support UK managed @ offshore prices -
Personal website -

  • Comment on Re: Production Environments and "Foreign" Code

Replies are listed 'Best First'.
Re2: Production Environments and "Foreign" Code
by dragonchild (Archbishop) on Mar 12, 2003 at 16:11 UTC
    Then, once you have those tests, upload them back to CPAN!

    If your management balks, do the following:

    1. Ask them if they like the rapid and safe development of their system.
    2. If they say "No", then that's an answer.
    3. If they say "Yes", then tell them what the cost would have been to hand-roll all the underlying modules. Estimate about 2-3 man-years (at least!) for DBI, CGI, XML::Parser, and others.
    4. Ask them for your back-pay.
    5. When they balk at that, tell them that this is the "cost" of using open-source software.
    6. Let them compare for themselves the cost of closed-source vs. open-source.

    We are the carpenters and bricklayers of the Information Age.

    Don't go borrowing trouble. For programmers, this means Worry only about what you need to implement.

    Please remember that I'm crufty and crochety. All opinions are purely mine and all code is untested, unless otherwise specified.

Re: Re: Production Environments and "Foreign" Code
by Anonymous Monk on Mar 13, 2003 at 03:53 UTC
    Have you actually read the licenses?

    Depending on the license, mingling open source code with proprietary is generally not wise. Unless your developers are very clear about drawing a line in the sand between proprietary and non-proprietary (eg no you can't cut and paste from here to there), you can get into trouble.

    Sure the open source community is nice about it. Much nicer than the average corporation who you might have cut a deal with for code access. The FSF likes to get you to open source some affected code and then set up a voluntary compliance program rather than a lawsuit. But it is a real cost, and there is the fear that in 5-10 years someone who thinks that the GPL needs to be tested in court will be a real jerk about it. And depending on what your company does, you really might not want to unexpectedly have to GPL your code.

    This doesn't mean that your approach is wrong. But the thought of developers who think this stuff is all free (and don't appreciate the legal risks) is what keeps corporate lawyers awake.

      You have a point here. Before using open souce software you should read its license and decide if it is appropriate for you. On the other hand majority of CPAN modules (but not all!) are dual licensed under GPL/Artistic. And Artistic is very flexible license with nearly no restrictions. I doubt using Artistic licensed modules can get you in any trouble.

      Ilya Martynov,
      CTO IPonWEB (UK) Ltd
      Quality Perl Programming and Unix Support UK managed @ offshore prices -
      Personal website -

        It is unlikely that Artistic licensed modules will get you into trouble. But it can. And has.

        I don't remember whether they were still Hip Communications or ActiveState, but they were shipping a binary version of Perl for Windows, named Perl, without contributing back code changes. That was a no-no. Read the license if you don't believe me. This was many moons ago and was resolved peacefully with Perl 5.005 incorporating ActiveState's changes. (This happened partly through the wisdom of Larry Wall et al, partly through the intervention of Tim O'Reilly, and partly through ActiveState's willingness to risk ticking off Microsoft.)

        However you are right that it is virtually impossible to conflict with the Artistic License by accident. But corporate legal may find that verifying this is harder than they want - particularly if they are afraid that code which is claimed to be under the Artistic might turn out not to be...

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://242366]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (3)
As of 2021-09-19 20:20 GMT
Find Nodes?
    Voting Booth?

    No recent polls found