3 ways every company can get started with an open-source software strategy
The future of software development does not exist without open source. However, to maintain today’s software and create the software of the future, the largest organizations and beneficiaries of open source need to expand their collaboration with the community and help it grow.
This post was originally published in VentureBeat and is republished here with permission.
Technology drives human progress, and it’s unlikely there will ever be another significant breakthrough that isn’t supported by software.
Everything from the automotive industry to healthcare to climate tech relies on software as an invisible backbone making future innovations possible. And behind all of this development are millions of individuals who make up the global open-source community.
The future of software development does not exist without open source; however, to maintain today’s software and create the software of the future, the largest organizations and beneficiaries of open source need to expand their collaboration with the community and help it grow. According to a recent Tidelift study, only 15% of organizations are extremely confident in their open-source management practices, yet a recent RedHat survey showed 80% expect to increase their use of enterprise open-source software for emerging technologies.
To close this gap and sustain the number of developers, maintainers and contributors, companies need to increase their participation in and engagement with the open-source community. Though a seemingly daunting task, there are many ways that companies can organize open-source programs. Here are three ways they can get started:
1. Understand your organization’s engagement and processes with open-source software.
Do you have a clear picture of your organization’s current work with open-source developers? Are there dedicated internal resources where your teams can understand your collaboration and processes to partner with open-source projects?
A lack of process for contributing to open source can inhibit developers from making upstream contributions to the open-source projects. For instance, according to the Tidelift study previously mentioned, 61% of organizations have a formal approval process for introducing new open-source components, yet getting approval to use new open-source components in large organizations can prove slow and tedious, often taking a week or more.
Companies can make it easier for developers to release open-source code by making efforts to open source everything possible and putting code out there to invite developers to use their software. Companies will also benefit from setting up lightweight guidelines for creating open-source projects. In effect, this will accelerate the approval process and help determine what good maintenance and governance mean to them.
2. Manage your company’s participation in open source and provide structure through an open-source program office.
If getting an understanding of current work and setting up processes is the first step, creating an open-source program office (OSPO) can help supercharge growth around your open-source processes. An official OSPO works cross-functionally across your company to reduce potential barriers with departments like legal, HR, engineering and security.
An OSPO can also help increase organizational confidence in open source and reduce developer friction. Startups and large organizations across tech, financial services and academia can create the program offices to help manage open source at scale. This group is the front line for support on open source when developers have questions.
All sorts of professionals create OSPOs; developers, engineers and program managers have all spearheaded programs and taken initiative to get them started. The TODO Group is an example of one network that is a great public resource to get started as it provides case studies, guides, how-tos and surveys to support organizations in establishing an OSPO.
3. Support developers and the open-source community through sponsorships and investments.
As the world is becoming increasingly reliant on open source, everyone has a responsibility to give back to the community. This support helps lift all efforts of the broader community. For example, during recent software supply chain vulnerabilities such as last year’s Log4j, many open-source developers dedicated their own time and resources to addressing fixes for the code library that many companies relied on. These developers deserve recognition and support for this work.
No first step is too small — providing sponsorships for the projects and developers your company relies on is a great place to start as it will open a conversation with the community. With many options available, like Outreachy, Open Collective, GitHub Sponsors, and several foundations like Linux Foundation, OpenJS and more, supporting open source is easier than ever.
Open-source projects power our major software systems and the global economy, but it’s a two-way street. Companies that rely on the community need to encourage and collaborate more with developers, maintainers and contributors to jointly create software that delivers innovation.
By implementing an open-source strategy at their companies, organizations can deliver exceptional experiences at an accelerated pace, engage the developer community, support the projects that matter to them most and contribute to the future of software, together.
Written by
Related posts
GitHub Actions, Arm64, and the future of automotive software development
Learn how GitHub’s Enterprise Cloud, GitHub Actions, and Arm’s latest Automotive Enhanced processors, work together to usher in a new era of efficient, scalable, and flexible automotive software creation.
The architecture of SAST tools: An explainer for developers
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let’s explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.