Rapid ID, a framework for automating discovery and identification of open-source software in a development project, is among the key new developer-focused features in today’s rollout of Black Duck Suite 6.
Through the use of sophisticated algorithms that comb Black Duck’s KnowledgeBase of 475,000 open-source projects and built-in methods that match project code to the codebase, Rapid ID automates the process of controlling the use of open-source software, according to Black Duck executive vice president Bill McQuaide.
The framework is customizable, so organizations can configure Rapid ID to their own discovery and identification methods, and it now has the ability to “learn” about a company’s methods, he added.
“We can’t anticipate how an organization uses open source or what their identification process is, so after they do it once, it can be saved as a rule and applied to other instances of that code,” he explained. “Our customers have seen a 10X improvement in time to results.”
Also new in Black Duck Suite 6 is approval request automation, which helps speed the process under which developers can get permission to use an open-source project. “Developers search for potential open source and choose one based on the rich metadata in the KnowledgeBase that they want to use. But the next thing is to get the decision ratified, and that can be a somewhat laborious process,” McQuaide said.
“You might have to go through the legal department, security, the architecture group, the software development management team…”
In Suite 6, Black Duck provides a wizard that guides developers through an organization’s approval process—“like a TurboTax process,” McQuaide added.
Approval automation also allows developers who, for instance, want to use Hibernate 4.0 to populate their request form with an earlier request from someone else in the organization who received prior approval to use Hibernate 3.6.
The new suite, coupled with the recent acquisitions of The Olliance Group, Ohloh and SpikeSource, moves Black Duck from simply offering a tool for licensing compliance to a company that enables strategic use of open-source software, McQuaide said.
“While we focus on developers,” he said, “we also want to make sure organizations are clear on what their open-source strategy is and the reasons for using open source.”