Skip to content

Commit a9e55fa

Browse files
Note OSS collaborative review and development
Expand, with a few words, to explain some of the advantages of OSS, to justify the text that follows. Signed-off-by: David A. Wheeler <[email protected]>
1 parent a728112 commit a9e55fa

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

secure_software_development_fundamentals.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -1243,7 +1243,7 @@ Many systems support installing extensions that are separately developed and mai
12431243

12441244
We use the term “reused software” here, because that is our primary concern. This reused software includes all the software you depend on when the software runs, aka its dependencies.
12451245

1246-
In most cases, the majority of a software application's code is reused software that is licensed as open source software (OSS). OSS is, briefly, software where users have the freedom to run, copy, distribute, study, change and improve the software (this is actually the [Free Software Definition](https://www.gnu.org/philosophy/free-sw.en.html)). A very widely-used and more detailed definition of OSS is the [Open Source Definition (OSD)](https://opensource.org/osd) from the [Open Source Initiative (OSI)](https://opensource.org), who also maintain a list of [OSI Approved Licenses](https://opensource.org/licenses). Studies show that the average percentage of OSS in software applications is somewhere between 77% ([Black Duck 2024](https://www.blackduck.com/resources/analyst-reports/open-source-security-risk-analysis.html)) and 90% ([Sonatype 2024](https://www.sonatype.com/state-of-the-software-supply-chain/introduction)).
1246+
In most cases, the majority of a software application's code is reused software that is licensed as open source software (OSS). OSS is, briefly, software where users have the freedom to run, copy, distribute, study, change and improve the software (this is actually the [Free Software Definition](https://www.gnu.org/philosophy/free-sw.en.html)). A very widely-used and more detailed definition of OSS is the [Open Source Definition (OSD)](https://opensource.org/osd) from the [Open Source Initiative (OSI)](https://opensource.org), who also maintain a list of [OSI Approved Licenses](https://opensource.org/licenses). Software licensed as OSS can be collaboratively reviewed and developed worldwide. Studies show that the average percentage of OSS in software applications is somewhere between 77% ([Black Duck 2024](https://www.blackduck.com/resources/analyst-reports/open-source-security-risk-analysis.html)) and 90% ([Sonatype 2024](https://www.sonatype.com/state-of-the-software-supply-chain/introduction)).
12471247

12481248
Since it's so common, let's focus on tips on how to evaluate OSS before reusing it. Many of these tips will also apply to evaluating closed source software.
12491249

0 commit comments

Comments
 (0)