With the FUD train having left the Linux OS station, vendors are now focusing on Linux applications, warning that careful, expensive auditing and licensing are necessary before you deploy anything.
Saugatuck Technology, no enemy of open source, is among the companies sounding the alarm.
Vendors like Black Duck and Palamida are always happy to turn your worries about code licenses into their profits, through expensive audits which identify just who wrote what and what the deal is. But to what extent are the concerns real?
It's true that the LAMP stack includes both GPL and Apache-licensed code. Many licenses let you re-sell enhanced open source products as your own, but the GPL restricts this practice, and many believe that once you're touched by GPL you're poisoned.
I don't doubt that you should audit your code before you try to ship it as product, but does everyone really need an audit? And how much would open source audit compliance raise costs? Enough to make open source non-competitive?