Summary
Restricting the usage of unauthorized Open-source code (OSC) or Third-party Libraries (TPL) in our projects
Guidelines for the usage of open-source code or third-party libraries in our projects and to prevent the usage of unauthorized open-source code or third-party libraries that may pose risks to our organization and our client’s organization.
Security Policy
How to secure data inside the organization.
Data Protection Rules
Rules to follow in order to keep our data and work secure.
Only authorized open-source code or third-party libraries may be used in our projects. Unauthorized open-source code or third-party libraries may not be used under any circumstances.
There are several potential risks associated with using unauthorized code or libraries in our projects, including:
Unauthorized code may contain security vulnerabilities that could be exploited by attackers to gain access to the system or sensitive data.
Unauthorized code may be protected by copyright, patent, or other intellectual property rights. Using unauthorized code could result in legal liability, including lawsuits, fines, or penalties.
Unauthorized code may not have been thoroughly tested and could contain bugs or other defects that could impact the quality and reliability of the software.
Unauthorized code may not be compatible with the existing codebase or may cause conflicts with other libraries or components.
Unauthorized code may not be well-maintained, and could become outdated or unsupported, making it difficult to maintain or update your software.
Unauthorized code may be poorly optimized, resulting in reduced performance or scalability.
1 If our client requests for a specific open-source code or third-party libraries to be added to the project
In case our client requests for a specific open-source code or third-party libraries to be added to the current project the following steps should be followed:
Our client will analyze the open-source code or third-party libraries in terms of licensing, and quality and decide if the code/library will be used.
Our client will ensure that all legal formalities are covered in order to use the open-source code or third-party libraries.
Our client will notify the Wayfare development team in writing, via email, whether the open-source code or third-party libraries can be used and will assume legal responsibility for its usage.
2 If Wayfare developers identify a need for a specific open-source code or third-party libraries
In case Wayfare developers identify a need for a specific open-source code or third-party libraries to be added to the current project the following steps should be followed:
Wayfare developers notify the Development team from the client side in writing, via email, about the open-source code or third-party libraries that are needed. The Wayfare Project Manager/Operational manager will be added in the CC of the email.
Our client will analyze the open-source code or third-party libraries in terms of licensing, and quality and decide if the code/library will be used.
Our client will ensure that all legal formalities are covered in order to use the open-source code or third-party libraries.
Our client will notify the Wayfare development team in writing, via email, whether the open-source code or third-party libraries can be used and will assume legal responsibility for its usage. Tasks description, chat and/or verbal communication do not qualify as an official request.