Archive Index (1999-2012) | 2013-current at | About  

License compliance management tools updated

Aug 15, 2006 — by LinuxDevices Staff — from the LinuxDevices Archive — 1 views

Black Duck has added 30 million commercial software components from 1,000+ vendors to the database that powers its “compliance management software” offering. The company's ProtexIP's database formerly contained primarily open source software “code prints,” or signatures.

The company derived its commercial software signatures from data “obtained from the U.S. government,” it says.

Newly added commercial software code prints in the ProtexIP Knowledgebase include applications marketed by Adaptec, Adobe, Apple, BEA, HP, IBM, Microsoft, Novell, Oracle, Sun, Symantec, and others, according to the company.

Additionally, Black Duck says it has added signatures for countless code snippets published since 1988 in Dr. Dobbs Journal and other CMP Media publications.

Black Duck says its ProtexIP software can help developers, lawyers, and managers control the introduction of licensed material into their code bases, avoiding license “contamination” and other “downstream issues” associated with license compliance failures.

The subscription-based software offering employs a client-server architecture that revolves around a massive KnowledgeBase of software signatures, or “code prints,” against which application source or binary code can be matched, by developers, managers, and legal departments. The process can reveal the true origins and licensing requirements of software delivered by internal or external development teams, according to the company.

Black Duck says that including recent additions, the ProtexIP KnowledgeBase contains:

  • Open source software from 2,000+ projects — “from Apache to Zope,” Black Duck says
  • Other downloadable software, for example code from development kits like the Java Development Kit (JDK) and Microsoft Developer Network (MSDN)
  • Proprietary software components, including desktop software, enterprise applications, utility software, game components, device drivers, etc.
  • Operating system component software from, for example, the Linux, Microsoft Windows, Mac OS, and Solaris operating systems including dynamically linked libraries (DLLs)
  • Images, graphics, clip art, and fonts from more than a dozen vendors

CEO Douglas A. Levin stated, “The addition of commercial code prints and Dr. Dobb's projects substantiates the flexibility of Black Duck's platform. With this expansion of the KnowledgeBase, protexIP provides broader insight into the use by developers of commercial components governed by commercial licenses.”

Levin adds, “With enterprises using open source code, commercial software components, and outsourcers to speed their development efforts, they must know the origins of their code.”


ProtexIP is available now, under various subscription models, priced according to the number of users. Subscriptions include KnowledgeBase updates. Black Duck says it updated its code print KnowledgeBase nineteen times during the first half of 2006.

Black Duck launched ProtexIP in May of 2004. The product was last revised in November of 2005.

This article was originally published on and has been donated to the open source community by QuinStreet Inc. Please visit for up-to-date news and articles about Linux and open source.

Comments are closed.