Best Practices for Using Open Source Software in the Enterprise
Most of us understand the benefits of using open source software (OSS) and libraries. Heck, even Microsoft embraces it, so why can’t you adopt it as well in your enterprise? Open source can be a blessing and a curse at the same time. We probably all remember incidents like the “heart bleed” vulnerability in a popular open source implementation of SSL. So, if open source becomes more and more prevalent, how can we cope with the challenges that lay at hand? We will be challenged with all sorts of questions in the enterprise: What are the license implications when I take a dependency on a library with a viral type of license? What version of open source libraries are we using and are they the choice of the generic public or did we select one we now need to maintain ourselves? Are there known vulnerabilities in the libraries we use, and if so, are we affected by that? In this session, we take a practical approach to using open source libraries in product development for the enterprise. We touch briefly on the license types and the ones to look out for. We show you how an artefact repository system can help you to answer a lot of the tough questions. Learn how to integrate a system that is very popular, called Nexus, in your continuous deployment strategy and ensure a frictionless experience for your developers. We show integration with NuGet and how to manage open source dependencies using proxy facilities so you can ensure only a curated set of libraries are used, and meet compliance requirements for your business.