Open Source Community Involvement

At Black Duck, the open source community is at the heart of everything we do. Our software and free community resources connect organizations to the world of open source, while helping open source developers connect with each other to find, utilize and contribute open source code. 

Free Community Resources

  • The Black Duck Open Hub, the most comprehensive public directory of open source software, offers developers an in-depth look into individual open source projects for evaluating, tracking, and comparing over 550,000 projects. The Open Hub's project data is freely licensed under Creative Commons, enabling further analysis and tracking.
  • Open Hub Code Search, a powerful code search engine indexing more than 10 billion lines of code, offers developers a fast and easy path to review detailed source code from all the projects in the Black Duck Open Hub.
  • Black Duck Blog, a destination for open source industry experts to share news, trends and opinions about the adoption and enablement of open source.
  • Open Source Think Tank, an international event where industry leaders and visionaries collaborate on the future of open source.
  • Open Source Rookies of the Year, a Black Duck annual program recognizing the top open source projects initiated each year.
  • The Future of Open Source Survey, is an annual gauge of key trends and the issues facing organizations in the open source community.  The survey is sponsored by Black Duck, North Bridge Venture Partners and Forrester Research.

Open Source Community Participation

Black Duck and SPDX

The Software Package Data Exchange® (SPDX®) is an evolving standard for communicating the open source content, licenses and copyrights associated with a software package. The purpose of the standard is to help companies in a software supply chain more easily comply with software licensing obligations. 


SPDX provides a uniform approach to documenting and sharing a software bill of materials (BOM), making it more efficient for supply chain partners to communicate. The standard is developed and maintained by the SPDX workgroup of the Linux Foundation and is a critical element of the foundation’s Open Compliance Program.
Black Duck’s Support of SPDX
Black Duck has been instrumental in developing SPDX through participation in the SPDX workgroup. Our involvement includes:
  • Co-chair of the Linux Foundation SPDX Working Group
  • Actively participating in the three SPDX teams: Technical, Business and Legal
  • Authoring the first SPDX whitepaper
  • Developing and evolving the structure of the website and supporting the SPDX beta process
  • Implementing SPDX software BOM in the Black Duck® Suite at no additional cost to customers
For More Information: