Archive for March, 2011

Android Cat Herding

Guest Blog for Black Duck Software

Part I – Synchronizing / Harmonizing Android Source Code & Licenses

In earlier Black Duck blog posts, I highlighted the complexity underlying the Android mobile application platform, especially complications arising from the multi-sourced nature of the OS and its enabling middleware.

At the close of that blog, I listed five challenge areas and promised to elaborate, and to follow up with ways to address them.  In Part I, I’ll expand on the challenges, in Part II, I will examine some solutions.

1. Unique Licensing and Copyright of Patches / Contributions
While the Android project promotes a global Apache 2.0 licensing regime, there is no formal submission or copyright assignment process (cp. those for Linux and for GNU projects).  This somwhat casual patch submission and management process results in diverse and sometimes uncertain provenance of Android platform code (see my earlier blog for examples from the Black Duck Software study).

Read More . . .

Advertisements

Android Platform Code – Turtles Most of the Way Down

Guest Blog for Black Duck Software

Part 1 – Hidden Complexity

This week Android application developers from around the world are gathering in San Mateo at AnDevCon – the Android Developers Conference. While they are soaking up tutorials on UI haptics and building apps with Ruby and HTML5, I find myself pondering the particulars of the Android platform.

A quick glance at the conference curriculum (and Gingerbread documentation) reveals Android as ever more resource-rich, with a growing repertoire of APIs and capabilities to leverage emerging hardware (like the barometer on the Motorola XOOM) and to meet developer community requirements.  In providing the underpinnings for its burgeoning app portfolio (approaching 300,000 – AndroLib.com), Google and its Open Handset Alliance (OHA) partners have created an increasingly complex mobile applications platform.

A Daunting Integration Task

The underlying complexity of Android platform code can be daunting to developers, especially to software teams at chipset suppliers, device manufacturers (OEMs) and integrators.   Anyone needing to integrate Android platform code with hardware and system software will be concerned about

  • Managing the 165 different packages that comprise the Android GIT repository
  • Tracking changes in over 80,000 source code files
  • Integrating Android internal system code, device drivers, Dalvik code, middleware and applications with myriad external repositories
  • Maintaining, integrating and QAing company-specific additions to the platform (e.g., UI customizations and Dalvik performance enhancements)
  • Reconciling the rights and obligations represented in at least 19 different licenses
  • Repeating this exercise every 3-4 months (hello Gingerbread and Android 3.0!)

Read more . . .

Black Duck Mobile Open Source Study: Out of the Attic, Into the Spotlight

Guest Blog for Black Duck Software

Mobile Open Source:

Out of the Attic, Into the Spotlight

Only a few years ago “open source in mobile” was like a crazy cousin or unpleasant uncle, barred from family gatherings and discussed in whispers.  While the first Linux-based handsets appeared almost a decade ago (like the Motorola A760), open source remained in the background, lurking in platform code, far from application developers and the mobile end-user experience.

Mobile is different, or is it?

Mobile, while standards-based, has for over two decades been a proprietary affair.  “Mobile is different,” I was told repeatedly by operators and platform suppliers at the Linux Phone Standards Forum. “Operators and the FCC mandate closed devices for secure networks,” they continued.  “Mobile IP needs special protection,” lectured lawyers at consortia and handset OEMs, imposing impenetrable 100+ page IPR documents whose sole purpose was to corral community code and maintain legacy status quo. . .

Read more at blog.blackducksoftware.com

Advertisements