Sushi Bytes
Sushi Bytes is an unapologetically AI-generated podcast brought to you by Shinobi, FossID’s vigilant Software Composition Analysis ninja. In each bite-sized episode, Shinobi breaks down the evolving world of software supply chain integrity – from open-source license compliance and vulnerability disclosure to SBOM standards, IP risks, and AI-generated code implications.
With a surge in regulatory scrutiny and AI adoption, the software stack is becoming harder to manage – and riskier to ignore. Sushi Bytes offers sharp, fast insights for engineering leaders, open-source program managers, and legal professionals navigating the intersection of compliance, code, and code generation.
Sushi Bytes
The Real Risk of License Drift
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
In this episode of Sushi Bytes, Shinobi and Gen dive into the hidden risk of license drift – when the open source license declared in metadata files like package.json or README doesn’t match the actual licenses embedded in the source code. It’s a common problem with serious consequences, especially in embedded systems or M&A deals. The duo explores why relying on metadata alone can mislead engineering teams and expose organizations to IP risk, and how SCA tools like FossID catch mismatches through file-level inspection – so you don’t ship surprises with your software.
