---

Real World Findings: What Issues Are Most Prevalent in Open Source Scanning?

During the course of providing open source software services–whether for customers, internal work, community contributions, testing, or trials–we sometimes come across surprises. It is not uncommon to discover unexpected open source or commercial components in the code being scanned. The existence of unexpected components means there may be additional or unknown licenses that have not been taken into account for governance or compliance activities. Here is a sampling of such surprises. I have focused on cases that could lead to changes in the codebase in order to eliminate or reduce risk.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis