Most likely, it is included in some kind of ThirdPartyNotices.txt that ships wit... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

int_19h on Nov 15, 2022 | parent | context | favorite | on: My project is now an easter egg in Microsoft Fligh...

Most likely, it is included in some kind of ThirdPartyNotices.txt that ships with the game. It's actually pretty hard to sneak third party F/OSS under the radar in the company of this size - there's automated code scanners, among other things, and while they can't catch everything, they sure can flag a copy of a public project on GitHub.

lupire on Nov 15, 2022 [–]

What's an example of tool that scans binaries for matches with open source software?

EntityUnknown on Nov 16, 2022 | | [–]

At my previous org, we used black duck for this

https://www.synopsys.com/software-integrity/security-testing...

ar_lan on Nov 15, 2022 | | [–]

I don’t think you’ll find one. Most of these operate on the source code and its declared dependencies.

omegabravo on Nov 15, 2022 | | [–]

Pretty sure Black Duck does that

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact