Who is Richard Ewing?

Richard Ewing is a Product Economist and AI Capital Auditor. He is the Founder of Exogram, a verification infrastructure for AI. He audits R&D spend and surfaces hidden capital risks like technical debt, AI cost overruns, and zombie infrastructure. He has scaled B2B SaaS from $0 to $25M ARR. Published in CIO.com, Built In, Mind the Product, and HackerNoon.

What is a Product Economist?

A Product Economist treats product decisions as economic decisions. Instead of measuring velocity or story points, a Product Economist measures Return on Invested Capital (ROIC), Cost of Goods Sold efficiency, and technical debt in dollar terms. The methodology was coined by Richard Ewing.

What is the Technical Insolvency Date?

The Technical Insolvency Date (TID) is the specific quarter where maintenance costs consume 100% of available engineering capacity, reducing feature velocity to zero. Calculate yours free at richardewing.io/tools/pdi.

Exogram is verification infrastructure for AI, founded by Richard Ewing. It prevents hallucination propagation with admissibility control planes and state-hashing commit enforcement. LLMs generate language; Exogram maintains reality.

How do I calculate technical debt cost?

Use the free Product Debt Index (PDI) calculator at richardewing.io/tools/pdi to quantify hidden technical debt in dollar terms, calculate your Technical Insolvency Date, and benchmark against industry standards.

How much does AI cost per query?

AI costs range from $0.0001/query for small models to $0.10+/query for frontier models like GPT-4. Use the free AI Unit Economics Benchmark (AUEB) at richardewing.io/tools/aueb to calculate your specific AI cost structure.

Glossary/Open-Source License Risk

Due Diligence & M&A

1 min read

What is Open-Source License Risk?

TL;DR

Open-source license risk refers to legal and financial exposure from using open-source software in ways that violate license terms.

Open-source license risk refers to legal and financial exposure from using open-source software in ways that violate license terms. In M&A due diligence, OSS license compliance is a critical assessment area because violations can force code rewrites, public disclosure of proprietary code, or litigation.

Risk levels by license type: Permissive (MIT, Apache 2.0, BSD) — minimal risk, allows commercial use with attribution. Weak copyleft (LGPL, MPL) — moderate risk, requires modifications to the library itself to be shared. Strong copyleft (GPL, AGPL) — high risk, may require releasing derivative works under the same license. AGPL is the highest risk for SaaS: if AGPL code is used in a network service, the entire application may need to be open-sourced.

Mitigation: SBOM (Software Bill of Materials) generation (tools: Syft, FOSSA, Snyk), license scanning in CI/CD pipeline, and OSS policy that prohibits copyleft licenses without legal review.

Why It Matters

OSS license violations discovered during M&A due diligence can kill deals or significantly reduce valuations. AGPL contamination in particular can force a company to open-source proprietary code — destroying competitive advantage.

Frequently Asked Questions

What is open-source license risk?

Legal exposure from using open-source software in ways that violate license terms. Can force code rewrites, public disclosure of proprietary code, or litigation.

Which licenses are highest risk?

AGPL is highest risk for SaaS (may require open-sourcing the entire app). GPL is high risk for distributed software. MIT, Apache 2.0, and BSD are lowest risk (permissive, allow commercial use).

Need Expert Help?

Richard Ewing is a Product Economist and AI Capital Auditor. He helps companies translate technical complexity into financial clarity.

Book Advisory Call →

Explore More

Why It Matters

Frequently Asked Questions

What is open-source license risk?

Which licenses are highest risk?

Related Terms

Need Expert Help?

Explore More

Free Tools

Glossary

Frameworks