During TechED Europe 2014 in October, Marcel de Vries presented a compelling story around best practices for using Open Source. This is a video of his entire presentation from October 31, 2014. He starts with the history of open source, how the licensing works and then moves into a practical discussion of how to use Nexus and NuGet in the enterprise.
This is a very good overview that is understandable at all levels.
Description of the session
Most of us understand the benefits of using open source software (OSS) and libraries. Heck, even Microsoft embraces it, so why can’t you adopt it as well in your enterprise? Open source can be a blessing and a curse at the same time. We probably all remember incidents like the “heart bleed” vulnerability in a popular open source implementation of SSL.
So, if open source becomes more and more prevalent, how can we cope with the challenges that lay at hand? We will be challenged with all sorts of questions in the enterprise: What are the license implications when I take a dependency on a library with a viral type of license? What version of open source libraries are we using and are they the choice of the generic public or did we select one we now need to maintain ourselves? Are there known vulnerabilities in the libraries we use, and if so, are we affected by that?
In this session, we take a practical approach to using open source libraries in product development for the enterprise. We touch briefly on the license types and the ones to look out for. We show you how an artefact repository system can help you to answer a lot of the tough questions. Learn how to integrate a system that is very popular, called Nexus, in your continuous deployment strategy and ensure a frictionless experience for your developers. We show integration with NuGet and how to manage open source dependencies using proxy facilities so you can ensure only a curated set of libraries are used, and meet compliance requirements for your business.