By: Gil Yehuda
*But were afraid to ask
My Presentation Goals
Share corporate perspective on Open Source
Highlight non-tech aspects of governance
Invite you to consider how this works at your company
Why an open source program office?
Companies with OSPOs are more successful at managing Open Source
Diverse developer skills require consistency in corporate approach
Having no process will create chaos and risk
Corporate contributions to open source are essential
You will have open source goals that don’t get met magically
Questions come up all the time requiring someone to own the issue
6 governance areas you must consider when developing your Open Source Program Office
Inbound
• Using Open Source code in projects
• M&A deals
Outbound (publications)
• Publishing code to existing open source projects
• Publishing code to new open source projects
Outbound (per request for services)
• Product pre-release obligation review
• Employee’s “private” publications
Larger Open Source Program Office Context
Technology strategy
Assets
Trends
Business strategy
Patent strategy
Research
Partners
Talent strategy
Code Management Tooling
Scanning
Mirroring
Incident Management
3rd party
Github
Access
Management
Team
Management
Metrics portals
Inbound
• Using Open Source code in projects
• M&A deals
Outbound (publications)
• Publishing code to existing open source projects
• Publishing code to new open source projects
Outbound (per request for services)
• Product pre-release obligation review
• Employee’s “private” publications
Strategy
Governance
Operations
Inbound Questions: what I’m thinking, what I’m asking
License issues
Technical Suitability
Engineering Standards
1. Where’s the code?
2. What’s the license?
3. To use in which project?
4. Does this code leave our servers (e.g. a mobile app, JavaScript, desktop?)
5. Would we modify this code?
6. Any reason not to contribute to this project?
7. Does this replace technology we already use?
8. Who else reviewed this?
Inbound code via an acquisition
Are we buying their mistakes?
What’s in their code?
What can we learn about their engineering?
Can we help with a “special issue” situation?
We can’t see their code, but we can ask them to list open source code and ask to run a code scan.
Note:
1. Self-disclosures are never accurate, but they are a good start.
2. Mobile apps should have a credits UI.
3. Scan results reveal engineering sloppiness.
4. Some deals have special (legal) issues where the scan process can help.
Inbound Process is more than open source license checking
Involve other partners:
• Legal - license questions
• Engineering - code suitability
• Architects - tech standards
• Paranoids - what’s in the code
• BizDev - if we acquire code
Inbound Process
Approval
Usage instructions
Complicating factors
Approval filters
Code / License
Let’s focus on the Outbound cases…
Inbound
• Using Open Source code in projects
• M&A deals
Outbound (publications)
• Publishing code to existing open source projects
• Publishing code to new open source projects
Outbound (per request for services)
• Product pre-release obligation review
• Employee’s “private” publications
Outbound Questions: what I’m thinking, what I’m asking
Creating a new Open Source project
• Should we?
• How to best position it
Publishing to an existing project
• Why not?
• How to do it well
1. Was all the code written by an employee?
2. Was it written for a work related project?
3. Is it in production?
4. What license will your code use?
5. Did you prepare the code for publication?
• Does it have license and copyright text?
• Is there a full README?
• What’s the PR plan?
6. Why do you want to publish this?
Questions following initial Outbound Request
Small like a bug fix or a big-deal project?
Any legal concerns?
Would anyone get upset?
How do we do this properly?
CLA Copyright
Are we ready to lead another community or dump code?
Who’s the community?
Do they want this new project?
Do we have a PR plan?
Is the code inviting?
README, installer?
Is this ours to publish?
Is it cleaned up for publication?
Is this novel?
Did we file a patent disclosure?
Outbound Process requires a lot more context to discuss
Involves other partners:
• Legal – License, CLA, Patent questions
• Engineering – code reviewed and prepared
• PR – is this something we promote, and how?
Outbound Process
Approval
Publication instructions
Complicating factors
Approval filters
Code
Desired outcome
Product Pre-release
• Before publishing a distributed app you need to verify you’ve attributed the code properly.
App Credits:
AFNetworking
Project code: https://github.com/AFNetworking…
Copyright (c) 2011, Gowalla (http://gowalla.com)
License (MIT) https://github.com/AFNetworking...
…
• In rare situations you discover the need to publish code you did not expect to publish.
Launch Process (OSS Step)
Attribution UI
Oops code
Complicating factors
Code scan
Product (e.g. Mobile app)
Employee Questions
• Pre-hires ask to work on open source.
• Engineers publish “their own” code.
• Engineers leaving want to take code.
• We discover our code somewhere.
Copyright Assignment
Business Priorities
Ethical behaviors
When is my code, my code?
IANALBUT
Here’s how to do this properly.
Summary and Takeaway
• Mid to large tech companies need an OSPO to manage governance processes.
• The //TODO Group companies each run an OSPO, but we run them differently. That’s OK.
• Ask me/us for help.
OSPO is a service
Educate with each interaction
License and code whitelists don’t work
Simplify: Ask & Get Help
Thanks!
Now come over and say hi.
gyehuda@yahoo-inc.com
www.gilyehuda.com

sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Servicesauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
 
Call Us🔝⇛+91-97111🔝47426 Call In girls Munirka (DELHI)
Call Us🔝⇛+91-97111🔝47426 Call In girls Munirka (DELHI)Call Us🔝⇛+91-97111🔝47426 Call In girls Munirka (DELHI)
Call Us🔝⇛+91-97111🔝47426 Call In girls Munirka (DELHI)
 
From Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
From Goals to Actions: Uncovering the Key Components of Improvement RoadmapsFrom Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
From Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
 
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
 
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sector
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Review
 
Measuring True Process Yield using Robust Yield Metrics
Measuring True Process Yield using Robust Yield MetricsMeasuring True Process Yield using Robust Yield Metrics
Measuring True Process Yield using Robust Yield Metrics
 
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
 
Shaping Organizational Culture Beyond Wishful Thinking
Shaping Organizational Culture Beyond Wishful ThinkingShaping Organizational Culture Beyond Wishful Thinking
Shaping Organizational Culture Beyond Wishful Thinking
 
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why DiagramBeyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
 
Farmer Representative Organization in Lucknow | Rashtriya Kisan Manch
Farmer Representative Organization in Lucknow | Rashtriya Kisan ManchFarmer Representative Organization in Lucknow | Rashtriya Kisan Manch
Farmer Representative Organization in Lucknow | Rashtriya Kisan Manch
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentation
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineering
 
How-How Diagram: A Practical Approach to Problem Resolution
How-How Diagram: A Practical Approach to Problem ResolutionHow-How Diagram: A Practical Approach to Problem Resolution
How-How Diagram: A Practical Approach to Problem Resolution
 
Reflecting, turning experience into insight
Reflecting, turning experience into insightReflecting, turning experience into insight
Reflecting, turning experience into insight
 
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixUnlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
 
Motivational theories an leadership skills
Motivational theories an leadership skillsMotivational theories an leadership skills
Motivational theories an leadership skills
 

Managing Open Source with an OSPO

  • 1. By: Gil Yehuda *But were afraid to ask
  • 2. My Presentation Goals Share corporate perspective on Open Source Highlight non-tech aspects of governance Invite you to consider how this works at your company
  • 3. Why an open source program office? Companies with OSPOs are more successful at managing Open Source Diverse developer skills require consistency in corporate approach Having no process will create chaos and risk Corporate contributions to open source are essential You will have open source goals that don’t get met magically Questions come up all the time requiring someone to own the issue
  • 4. 6 governance areas you must consider when developing your Open Source Program Office Inbound Using Open Source code in projects M&A deals Outbound (publications) Publishing code to existing open source projects Publishing code to new open source projects Outbound (per request for services) Product pre-release obligation review Employee’s “private” publications
  • 5. Larger Open Source Program Office Context Technology strategy Assets Trends Business strategy Patent strategy Research Partners Talent strategy Code Management Tooling Scanning Mirroring Incident Management 3rd party Github Access Management Team Management Metrics portals Inbound Using Open Source code in projects M&A deals Outbound (publications) Publishing code to existing open source projects Publishing code to new open source projects Outbound (per request for services) Product pre-release obligation review Employee’s “private” publications Strategy Governance Operations
  • 6. Inbound Questions: what I’m thinking, what I’m asking License issues Technical Suitability Engineering Standards 1. Where’s the code? 2. What’s the license? 3. To use in which project? 4. Does this code leave our servers (e.g. a mobile app, JavaScript, desktop?) 5. Would we modify this code? 6. Any reason not to contribute to this project? 7. Does this replace technology we already use? 8. Who else reviewed this?
  • 7. Inbound code via an acquisition Are we buying their mistakes? What’s in their code? What can we learn about their engineering? Can we help with a “special issue” situation? We can’t see their code, but we can ask them to list open source code and ask to run a code scan. Note: 1. Self-disclosures are never accurate, but they are a good start. 2. Mobile apps should have a credits UI. 3. Scan results reveal engineering sloppiness. 4. Some deals have special (legal) issues where the scan process can help.
  • 8. Inbound Process is more than open source license checking Involve other partners: • Legal - license questions • Engineering - code suitability • Architects - tech standards • Paranoids - what’s in the code • BizDev - if we acquire code Inbound Process Approval Usage instructions Complicating factors Approval filters Code / License
  • 9. Let’s focus on the Outbound cases… Inbound Using Open Source code in projects M&A deals Outbound (publications) Publishing code to existing open source projects Publishing code to new open source projects Outbound (per request for services) Product pre-release obligation review Employee’s “private” publications
  • 10. Outbound Questions: what I’m thinking, what I’m asking Creating a new Open Source project • Should we? • How to best position it Publishing to an existing project • Why not? • How to do it well 1. Was all the code written by an employee? 2. Was it written for a work related project? 3. Is it in production? 4. What license will your code use? 5. Did you prepare the code for publication? • Does it have license and copyright text? • Is there a full README? • What’s the PR plan? 6. Why do you want to publish this?
  • 11. Questions following initial Outbound Request Small like a bug fix or a big-deal project? Any legal concerns? Would anyone get upset? How do we do this properly? CLA Copyright Are we ready to lead another community or dump code? Who’s the community? Do they want this new project? Do we have a PR plan? Is the code inviting? README, installer? Is this ours to publish? Is it cleaned up for publication? Is this novel? Did we file a patent disclosure?
  • 12. Outbound Process requires a lot more context to discuss Involves other partners: • Legal – License, CLA, Patent questions • Engineering – code reviewed and prepared • PR – is this something we promote, and how? Outbound Process Approval Publication instructions Complicating factors Approval filters Code Desired outcome
  • 13. Product Pre-release • Before publishing a distributed app you need to verify you’ve attributed the code properly. App Credits: AFNetworking Project code: https://github.com/AFNetworking… Copyright (c) 2011, Gowalla (http://gowalla.com) License (MIT) https://github.com/AFNetworking... … • In rare situations you discover the need to publish code you did not expect to publish. Launch Process (OSS Step) Attribution UI Oops code Complicating factors Code scan Product (e.g. Mobile app)
  • 14. Employee Questions • Pre-hires ask to work on open source. • Engineers publish “their own” code. • Engineers leaving want to take code. • We discover our code somewhere. Copyright Assignment Business Priorities Ethical behaviors When is my code, my code? IANALBUT Here’s how to do this properly.
  • 15. Summary and Takeaway • Mid to large tech companies need an OSPO to manage governance processes. • The //TODO Group companies each run an OSPO, but we run them differently. That’s OK. • Ask me/us for help. OSPO is a service Educate with each interaction License and code whitelists don’t work Simplify: Ask & Get Help
  • 16. Thanks! Now come over and say hi. gyehuda@yahoo-inc.com www.gilyehuda.com