Microsoft is integrating automated, open source code management program Black Duck Hub with its Visual Studio package. Burlington, Massachusetts-based Black Duck has also joined Microsoft Visual Studio Program as a premier level partner.
Black Duck Hub is capable of enhancing the code through software composition capabilities and offers a broad data to identify security holes. KnowledgeBase, the database behind Black Duck Hub, includes data on more than 2 million open source projects and over 79,000 known vulnerabilities. This enables the program to scan your code and look for different security issues in it.
“Microsoft recognises the importance of open source in application development and the many economic and productivity reasons for its rapidly expanding use. We are pleased that Microsoft also sees the value in bringing Black Duck’s open source license and security compliance capabilities to the Microsoft Visual Studio continuous integration platform,” said Lou Shipley, CEO, Black Duck, in a joint statement.
Black Duck Hub helps you prioritise and track efforts. It evolves the program to recommend you the need of open source code in your project. Furthermore, the code-checking service suggests you if the open source code present in your project should not be there for licensing reasons.
The Visual Studio extension of Black Duck Hub scans for open source code in your TFS (Team Foundation Service) and TS (Team Services) builds. It scans the code for security vulnerabilities and other components for license compliance issues. The tool also allows you to monitor the code written by your employees.
Black Duck and Microsoft are offering the Hub support to developers with a 14-day free trial. A video tutorial has also been produced to ease the integration process.
If you do not want to analyse your code on Visual Studio, you can use Black Duck Hub on programming tools developed by IT giants like HPE and IBM. However, Microsoft has also convinced the Black Duck team to join its Visual Studio Partner Program to extend the service access for its integrated development environment.