Black Duck Dispels Top Five Open-Source Myths

Black Duck Software taps its vast knowledge base to identify and dispel five "myths" regarding open-source development. The myths range from "open source is just source code" to "GPL Version 3 is being ignored."

Black Duck Software has set out to debunk some of the leading "myths" about open-source software development, including the belief that open-source developers have created only a few billion lines of code.

Black Duck, which provides products and services for accelerating software development through the managed use of open-source and third-party code, released its research dispelling some of the more common myths about open-source development.

Black Duck officials said the company actively spiders the Internet collecting downloadable code into a giant repository that is known to Black Duck customers as the Black Duck KnowledgeBase. This core information repository contains more than 170,000 open-source projects from nearly 4,000 unique Web sites. The top myth findings were derived from actual analysis of open-source software rather than just user perception.

Myth No. 1 that Black Duck attempts to dispel is that open source is just source code. However, according to Black Duck, source code is actually only 15 percent of what is released by open-source developers. There are four times as many binary files as source files in open-source releases. In addition to binaries, open-source projects are packaged with scripts, markup language files, graphics images, documentation and many other artifacts, Black Duck officials said.

Open-source myth No. 2 is that open-source adoption is mostly application infrastructure. Black Duck officials said there is a tendency to focus on adoption of monolithic applications in IT infrastructure-for example, Linux or MySQL. However, the Black Duck KnowledgeBase shows that the open-source world is dominated by components, not fully formed applications, and these are being reused from project to project in hundreds and even thousands of instances.

Apache Log4j, for example, is reused by over 5,500 projects, according to the Black Duck Knowledgebase.

"Java developers, in particular, have taken tremendous advantage of code reuse," the Black Duck study said. "There are 14 times more files distributed ending in the .class file suffix (binaries) than .java (source files). A major reason is that Java components are built once and reused and redistributed by many other projects in binary form."