Software developers’ reuse of code from
the Internet bears legal and economic risks
for their employers.
BY manueL SoJeR and JoaCHIm HenKeL
from ad Hoc
includes permission to be reused in
commercial software development,
making it highly attractive for firms.
Therefore, some firms systematically
reuse it by including identification,
evaluation, and integration of suitable code in their development processes.
18 Alternatively, Internet code
can also be reused in ad hoc fashion,
as described in Umarji et al.,
23 with individual professional developers, on
their own and typically without telling anybody, searching the Internet
for existing code as a shortcut in their
work, downloading and integrating it
into the software they develop.a
Despite its general suitability for
reuse in commercial software, Internet code is rarely in the public
domain and usually under licenses
that demand compliance with specific conditions as a prerequisite for
8 These conditions vary widely
and may, for example, demand attribution of the original creators of the
reused code. More critical for firms
are the obligations demanded by the
GNU General Public License (GPL)b
reUsiNG exisTiNG soFTWare artifacts when developing
new software is an attractive way to reduce development
costs and time to market while improving software
4 Code is the artifact most commonly reused
in software development.
16 Researchers have identified
such reuse in commercial software development
as a new facet of software reuse.
13, 22 here, “Internet
code” means code in the form of components (such
as a library encapsulating required functionality) and
snippets (such as containing a synchronization block)
that can be downloaded from the Internet for free and
without individual agreement with the originator; an
important instance of such code is publicly available
open source software (oSS). Internet code generally
a Places to search for code include OSS repositories (such as SourceForge.net), code search
engines (such as Koders.com), and code bases
of related OSS projects; for a detailed overview
and quantitative analyses, see Sojer.
b The GPL is a family of licenses, including versions 1, 2, and 3; since all versions share the
“copyleft” obligation, we refer to the whole
family as “the GPL” throughout this article.
Professional software developers reuse
code freely available on the Internet (such
as open source code) in their commercial
projects in ad hoc fashion.
Such code often comes with license
obligations; noncompliance can mean
legal and economic risk, but developers
are often not sufficiently knowledgeable
in these matters.
firms should establish clear policies
regarding reuse, leveraging reliable
information resources on the Internet
and complementing them with internal
training, lobby universities to include the
topic in their curricula, and acknowledge
the interdisciplinary nature of the issue.