Open source software management company (with an obvious interest in highlighting alleged open source shortcomings) WhiteSource has released a study of over 40,000 Python open source libraries.
The study suggested that a large percentage of the libraries are under restrictive licenses. The repercussion here may be that while many Python programmers report substantial productivity gains, the use of open source Python components introduces new challenges.
"Python open source projects are not different from any other open source projects: In order to enjoy the many benefits, companies should proactively manage their use", said Rami Sass, CEO of WhiteSource.
WhiteSource's technology sets out to continuously track open source usage and automatically enforce open source licensing policies. Correctly tracking, monitoring, and updating open source inventory and licensing is (arguably) one of the most tedious and least favorite tasks for developers.
Sass explains that WhiteSource provides (1) up-to-date open source inventory reports (including dependencies); (2) license risk analysis and compliance reports; and (3) proactive alerts on security vulnerabilities whenever discovered, as well as available fixes.
- 23% of open source Python open source libraries have ambiguous licenses or no license record at all.
- 13% of open source Python open source libraries are under GPL 2.0 license
- 5% of open source Python open source libraries are under GPL 3.0 license
- 2% of open source Python open source libraries are under AGPL 3.0 license