Blogs

FOSSBazaar is no longer being updated. The information on this site is preserved for your convenience but may be out of date. Please visit Linux Foundation's Open Compliance Program for current information and activities.

Models and tools for FOSS quality

tbm's picture

There has been interest in quality models for FOSS for a long time. There are various concerns about FOSS and the quality thereof. Given that a lot of FOSS is produced by volunteers, how can we rely on the software? Is software developed in the public more secure, or can people use the source code to find exploits?

The Need for Governance - A Practical Perspective

Andrew Aitken's picture

We can’t help ourselves. Here I sit with 15 of the most knowledgeable open source experts at a wonderful restaurant in Nuremberg, Germany at the Open Source Meets Business Conference, and we’re not talking about the great beer or the tasty Scheufelen but the GPLv2 vs. GPLv3.

Driving forces of FOSS adoption and development

tbm's picture

Matt Asay of Alfresco recently observed differences in the adoption of FOSS. He sees a lot of adoption in Europe by governments who support the ideals of FOSS whereas he claims that adoption in North America is mainly driven by enterprises "seeking to lower costs and maximize innovation". His comments remind me of a discussion I once had with someone a few years ago. We didn't talk so much about adoption, but rather about development of FOSS. Our conclusion was that the main driving forces behind FOSS are not the same in different parts of the world. Specifically, it seemed that FOSS development in North America was heavily driven by corporations, whereas FOSS development in Europe was mostly community driven. Finally, governments in Asia and other emerging markets, like Brazil, saw FOSS as a great opportunity to establish a healthy software development industry in their own countries and as a way to become more independent from the US.

Welcome to the Launch of FOSSBazaar

Phil's picture
As my first blog post on FOSSBazaar, I thought I'd explain a bit more about why I got involved in this effort, who I think can gain from participating in this community, and what I would like to learn through the experience.

Let's start with the basics:

Comments about Coverity Scan Rung 2, and Software Quality and Security

dmaxwell's picture

Under the Security & Vulnerabilities section of FOSSBazaar, you can find a copy of Coverity's press release about Rung 2 on the Scan Ladder, but you might prefer an introduction to how software quality and security affect open source governance.

Software is not an abstract concept. It's a concrete one. However, the concept of software quality is a very subjective matter.

Falling back on analogy, cars are very concrete objects, but which car is 'better' depends on the task it is going to be used for, and to a great degree on personal preference as well. A Jeep and a Miata are both vehicles, but knowing whether the challenge you'll face is in cornering or in rough terrain will determine success or failure.