The good news is that because of the emergence of centralized hubs such as Github, it’s never been easier to discover and download open source software. The bad news is there is not much in the way of actually governing that process, which creates all kinds of potential compliance headaches for the IT organization. To […]
The good news is that because of the emergence of centralized hubs such as Github, it’s never been easier to discover and download open source software. The bad news is there is not much in the way of actually governing that process, which creates all kinds of potential compliance headaches for the IT organization.
To address this issue, Perforce Software has released Perforce Git Fusion, which helps simplify governance by providing an overlay that provides version control across open source applications residing in Git repositories.
According to Randy DeFauw, technical marketing manager for Perforce Software, rather than treat Git as a rival repository, Perforce has decided to extend its governance tools out to an open source repository that the open source community is using as the primary vehicle for distributing code. The challenge facing IT organizations is finding a way to make use of that rich repository of code in a way that not only allows them to comply with any number of regulations, but also make it simpler to track who used what version of what piece of code to build any given application. In essence, management of code repositories is now becoming more federated to accommodate the existence of repositories both inside and outside of the enterprise, says DeFauw.
Git Fusion provides a feature called Repository Remapping that can be used to create new Git repositories using a reconfigured set of data. That, says DeFauw, means Perforce can then maintain the overall project view of releases, components, and workflow and can manage an unlimited number of Git repositories. Developers can also dynamically switch between repositories, adds DeFauw.
Most applications being developed today are really amalgamations of code developed elsewhere. The challenge now is figuring out what modules went into what applications and, from a compliance perspective, what is the provenance associated with that code. None of this means that IT organizations shouldn’t rely on open source code more, it just means they need to know more about where that code actually has been.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
