Source Code Repositories: Authenticating Production of Source Code

August 15, 2017 - from DisputeSoft's Josh Siegel

The reliable record of changes maintained by source code repositories makes them among best evidence an expert can be provided for the purpose of authenticating source code production. A source code repository tracks the development of a program by maintaining native source code files that can be examined as they existed throughout the history of the program’s development. Each change made to a source code file can be recorded by the repository, and it is difficult to alter the data within a repository without leaving traces of the alteration. For example, source code repositories often tie a unique, sequential ID number to each update of code. A gap in the sequence of code updates may indicate that the repository has been altered. Similarly, if a program was purportedly developed over the course of several years, but all of the code contained in a produced repository was added to the repository on the same day, the produced repository is probably not the repository used during the development of the software.

When an expert lacks access to a source code repository, he or she can still potentially authenticate produced source code if provided with individual files in native format. Although files produced …

Source Code Repositories: Reviewing the Right Version of a Program

July 14, 2017 - from DisputeSoft's Josh Siegel

When examining software for evidence of copying in a misappropriation case, an expert attempts to examine the allegedly infringing program as it existed on or about the date of alleged copying. Programs evolve constantly due to regulatory changes, new operating system requirements, customer feedback, bug fixes, and many other external demands. Such updates may result in substantial alteration to a program over time, and the code that comprises a program on the date of alleged copying may differ significantly from the program’s code at the time of litigation. The code of the program at the time of litigation may contain little or no indication of copying, while previous versions of that same program may show significant evidence of copying. In some cases, a group or individual who has copied code may attempt to delete and rewrite some of the copied code over time in order to hide the fact that the program began as a copy of an existing work.

Using the change management features of a source code repository, an independent expert can “roll back” all of the updates made to a program to a specific date. This technique allows the expert to review and compare two programs as …

Source Code Repositories: What is a Source Code Repository?

June 15, 2017 - from DisputeSoft's Josh Siegel

Software development is a competitive business, and disputes over intellectual property can arise when software engineers move to new companies that compete with their former employers. Should the dispute result in litigation, a source code repository can help an expert witness determine whether a former employee copied a previous employer’s proprietary source code on the way out the door.

When developing software for a business purpose, many software developers employ a source code control mechanism, such as a source code repository. Using a source code repository has many potential benefits for an organization, including:

– Concurrent Development: Repositories usually allow multiple developers to make edits to different parts of the same program simultaneously. Developers can then merge their changes back into the main program.

– Increased Transparency: Most source code repositories require a developer to check out, edit, and then check back in the part of the program he or she was editing. The repository records which developer made changes and when, resulting in a log of updates made to the program over time.

– Version Control: When developers make enough changes to a program stored in a source code repository, they can designate the updated program as a new …