Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Ideas, methods and tools for OSS Compliance assessment, OW2online, June 2020

99 Aufrufe

Veröffentlicht am

Presentation by Boris Baldassari, Consultant, Castalia Solutions.
Abstract: While Open Source Software has become mainstream, the understanding of its key principles, from ethics and collaboration to governance and community management, is gaining more interest and attention. There is a comprehensive volume of studies and reports backing up our individual and collective experience, yet we still cannot reliably measure these characteristics, and even less clearly define or assess them.

In an attempt to build up confidence and foster maturity in this area, this talk will look at the various existing models and metrics related to OSS compliance and governance, and build upon them to propose methods and tools for their evaluation and analysis. We will discuss the requirements and essential questions to ask, offer guidelines for implementation and suggest efficient ways to present results.

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Ideas, methods and tools for OSS Compliance assessment, OW2online, June 2020

  1. 1. Ideas, methods and tools for OSS Good Governance assessment  Boris Baldassari  boris.baldassari@castalia.solutions  http://castalia.solutions
  2. 2. 2 Who am I? ● My name is Boris Baldassari. ● Working as a Software Engineer & Consultant for Castalia Solutions. ● 15+ years experience in the field of software development methods and tools. ● Involved in several software quality assessment projects: – Polarsys Maturity Assessment Initiative for the Eclipse foundation. – Maisqual (research). – Crossminer / Scava (EU-funded research project).
  3. 3. 3 Summary ● Introduction: Goals & Context ● What is Good Governance? – OSS Core principles: Openness, Transparency, Good practices. – Community: Diversity, Activity, Support. – Process: IP Cleanliness, Decision making, Engagement. ● Building a Good Governance Quality Model – Measurement: goals, metrics, tools. – Addressing concerns: OSS Core, Community, Process – Proposed Quality Model implementation ● Conclusion ● References
  4. 4. Introduction
  5. 5. 5 Introduction Goals of this talk: ● Nurture discussions on the topic. ● Propose a consistent semantic framework as a starting point for a proof of concept. ● Propose simple yet effective measurements, to be improved and extended. How are we to achieve this? ● Stay practical even if scope is not complete. ● Rely on existing technologies and tools for immediate implementation.
  6. 6. What is Good Governance?
  7. 7. 7 What is Good Governance? – OSS core principles Key good governance areas regarding OSS core principles and good practices: ● Openness, Transparency: the project is open to all All assets (tools, processes) are publicly available and documented. ● Ethics: initiatives and procedures set up to ensure good behaviour. Code of conduct, escalation procedures. Diversity and Inclusion initatives. ● Documentation: helping peope adopt the product and project. User guides: Readme, Getting started. Development guides: Contributing.
  8. 8. 8 What is Good Governance? – Community Key community-related areas regarding good governance: ● Diversity: People from different backgrounds and companies. Increases reliability and sustainability of the project. Founding principle of OSS: “given enough eyeballs, all bugs are shallow”. ● Activity: Amount of contributions. A direct indicator of velocity for maintenance and evolution. An indirect indicator of good governance. Its evolution over time defines the sustainability of the project. ● Support: Answers to posts & bugs, answering ratio, time to resolve.. A defining criterion for participation and engagement. A defining criterion for product’s adoption, community growth and sustainability.
  9. 9. 9 What is Good Governance? – Process Key process-related areas regarding good governance: ● IP Cleanliness: Licence checks, IP cleaning procedures. ● Decision making: how decisions are made? How PRs, Issues, Posts are addressed? Is the decision-making process publicly documented and transparent? ● Engagement: enabling and fostering participation. How the community is invited to participate? How community’s requests and demands are met?
  10. 10. 10 Existing initiatives OW2 Good Governance working group A new, active initiative to “develop and promote the usage and sharing of free and open source software governance best practices”. Linux Foundation CHAOSS working group An active community working on community health metrics. Working groups include: Common Metrics, Diversity and Inclusion, Evolution, Risk, Value. Issue with many metrics related to these areas is they often cannot be easily automated, e.g. because they rely on a human assessment like ‘how good is the getting started guide?’.
  11. 11. Towards a Quality Model
  12. 12. 12 Why a Quality Model? What are the benefits of a quality model? ● It provides a common semantic framework. ● It conveys important key information instantly… … while allowing further detailed drill-in. ● It can be put to work on real-life projects when connected to metrics. Notes: ● It must be thoroughly documented, from quality attributes to metrics. ● Several norms exist for product- and process- oriented quality models.
  13. 13. 13 Building a Quality Model – OSS core principles Key good governance areas regarding OSS core principles and good practices: ● Information: tools and associated processes are documented. Easily get access and retrieve the information. ● Openness, Transparency: tools and associated processes can be accessed. Public availability of all major project tools: SCM, ITS, CI, MLS. ● Ethics: public availability of ethic-related documents (Code of Conduct, Diversity and Inclusion Groups, Escalation procedure). ● Collaboration: public availability of standard collaboration documents (Readme, Licence, Contributing, Getting Started)
  14. 14. 14 Building a Quality Model – Community Key community-related areas regarding good governance: ● Diversity: People from different backgrounds and companies. Number of actors involved (SCM, ITS, MLS) Founding principle of OSS: “given enough eyeballs, all bugs are shallow”. ● Activity: Amount of contributions. A direct indicator of velocity for maintenance and evolution. An indirect indicator of good governance. Its evolution over time defines the sustainability of the project. ● Support: Answers to posts & bugs, answering ratio, time to resolve.. A defining criterion for participation and engagement. A defining criterion for product’s adoption, community growth and sustainability. Tooling / Metrics: ● GrimoireLab ● Alambic
  15. 15. 15 Building a Quality Model – Process Key process-related areas regarding good governance: ● IP Cleanliness: Licence checks, IP cleaning procedures. Use tools like Scancode, dependency-checker, Fossology.. ● Decision making: how decisions are made? Documentation of the governance’s model. Governance accountability (committee’s minutes, chat transcript..). ● Engagement: enabling and fostering participation. Analysing the repartition (and diversity) of activity.
  16. 16. 16 Building a Quality Model Proposed Quality Model: (From quality attributes to metrics.)
  17. 17. 17 Building a Quality Model – Report
  18. 18. Conclusion
  19. 19. 19 Conclusion ● This talk is a naïve attempt to build a workable proof of concept for OSS Governance assessment. ● The quality model is incomplete and could be enriched with New or better metrics. New key area of concerns. Better assessments means like natural language processing tecniques. ● The result has been implemented in Alambic, an OSS framework for software project data management. Check it online: https://goodgovernance.alambic.io Alambic Home: https://alambic.io
  20. 20. References
  21. 21. 21 References ● OW2 initiative about Good Governance: https://www.ow2.org/view/OSS_Governance/ ● CHAOSS Working Group from the Linux Foundation: https://chaoss.community/ ● Good Governance Quality Model: https://goodgovernance.alambic.io ● Alambic Home: https://alambic.io ● GrimoireLab: https://chaoss.github.io/grimoirelab/ ● ScanCode: https://github.com/nexB/scancode-toolkit

×