Rapid ID, a framework for automating discovery and identification of open-source software in a development project, is among the key new developer-focused features in today’s rollout of Black Duck Suite 6.
Through the use of sophisticated algorithms that comb Black Duck’s KnowledgeBase of 475,000 open-source projects and built-in methods that match project code to the codebase, Rapid ID automates the process of controlling the use of open-source software, according to Black Duck executive vice president Bill McQuaide.
The framework is customizable, so organizations can configure Rapid ID to their own discovery and identification methods, and it now has the ability to “learn” about a company’s methods, he added.
“We can’t anticipate how an organization uses open source or what their identification process is, so after they do it once, it can be saved as a rule and applied to other instances of that code,” he explained. “Our customers have seen a 10X improvement in time to results.”
Also new in Black Duck Suite 6 is approval request automation, which helps speed the process under which developers can get permission to use an open-source project. “Developers search for potential open source and choose one based on the rich metadata in the KnowledgeBase that they want to use. But the next thing is to get the decision ratified, and that can be a somewhat laborious process,” McQuaide said.
“You might have to go through the legal department, security, the architecture group, the software development management team…”