Their reaction seems to be unabashed joy. A Black Duck executive, Phil Odence, chairs the foundation's Software Package Data Exchange (SPDX) working group. In addition to the software there is a directory that lets developers link, through the Foundation, to corporate compliance officers.
That may be why the Linux Foundation seems late to the party. There are many moving parts in license compliance, many vendors with their own agendas. Getting everyone on the same page took time and no small amount of diplomacy.
It's not something even the most well-intentioned individual could do alone. It took some institutional heft, which the Foundation brought to the party.
There is another benefit to all this, of course, beyond keeping enterprises in compliance with licenses the way the Business Software Association expects them to be in the proprietary space. Improved compliance tools will also help enterprises maintain current versions of open source tools, improving security.
In his own blog post on the program, Linux Foundation executive director Jim Zemlin says the program will lower costs, speed adoption, and lead to better compliance tools.