By: Gil Yehuda
*But were afraid to ask
My Presentation Goals
Share corporate perspective on Open Source
Highlight non-tech aspects of governance
Invite you to consider how this works at your company
Why an open source program office?
Companies with OSPOs are more successful at managing Open Source
Diverse developer skills require consistency in corporate approach
Having no process will create chaos and risk
Corporate contributions to open source are essential
You will have open source goals that don’t get met magically
Questions come up all the time requiring someone to own the issue
6 governance areas you must consider when developing your Open Source Program Office
Inbound
• Using Open Source code in projects
• M&A deals
Outbound (publications)
• Publishing code to existing open source projects
• Publishing code to new open source projects
Outbound (per request for services)
• Product pre-release obligation review
• Employee’s “private” publications
Larger Open Source Program Office Context
Technology strategy
Assets
Trends
Business strategy
Patent strategy
Research
Partners
Talent strategy
Code Management Tooling
Scanning
Mirroring
Incident Management
3rd party
Github
Access
Management
Team
Management
Metrics portals
Inbound
• Using Open Source code in projects
• M&A deals
Outbound (publications)
• Publishing code to existing open source projects
• Publishing code to new open source projects
Outbound (per request for services)
• Product pre-release obligation review
• Employee’s “private” publications
Strategy
Governance
Operations
Inbound Questions: what I’m thinking, what I’m asking
License issues
Technical Suitability
Engineering Standards
1. Where’s the code?
2. What’s the license?
3. To use in which project?
4. Does this code leave our servers (e.g. a mobile app, JavaScript, desktop?)
5. Would we modify this code?
6. Any reason not to contribute to this project?
7. Does this replace technology we already use?
8. Who else reviewed this?
Inbound code via an acquisition
Are we buying their mistakes?
What’s in their code?
What can we learn about their engineering?
Can we help with a “special issue” situation?
We can’t see their code, but we can ask them to list open source code and ask to run a code scan.
Note:
1. Self-disclosures are never accurate, but they are a good start.
2. Mobile apps should have a credits UI.
3. Scan results reveal engineering sloppiness.
4. Some deals have special (legal) issues where the scan process can help.
Inbound Process is more than open source license checking
Involve other partners:
• Legal - license questions
• Engineering - code suitability
• Architects - tech standards
• Paranoids - what’s in the code
• BizDev - if we acquire code
Inbound Process
Approval
Usage instructions
Complicating factors
Approval filters
Code / License
Let’s focus on the Outbound cases…
Inbound
• Using Open Source code in projects
• M&A deals
Outbound (publications)
• Publishing code to existing open source projects
• Publishing code to new open source projects
Outbound (per request for services)
• Product pre-release obligation review
• Employee’s “private” publications
Outbound Questions: what I’m thinking, what I’m asking
Creating a new Open Source project
• Should we?
• How to best position it
Publishing to an existing project
• Why not?
• How to do it well
1. Was all the code written by an employee?
2. Was it written for a work related project?
3. Is it in production?
4. What license will your code use?
5. Did you prepare the code for publication?
• Does it have license and copyright text?
• Is there a full README?
• What’s the PR plan?
6. Why do you want to publish this?
Questions following initial Outbound Request
Small like a bug fix or a big-deal project?
Any legal concerns?
Would anyone get upset?
How do we do this properly?
CLA Copyright
Are we ready to lead another community or dump code?
Who’s the community?
Do they want this new project?
Do we have a PR plan?
Is the code inviting?
README, installer?
Is this ours to publish?
Is it cleaned up for publication?
Is this novel?
Did we file a patent disclosure?
Outbound Process requires a lot more context to discuss
Involves other partners:
• Legal – License, CLA, Patent questions
• Engineering – code reviewed and prepared
• PR – is this something we promote, and how?
Outbound Process
Approval
Publication instructions
Complicating factors
Approval filters
Code
Desired outcome
Product Pre-release
• Before publishing a distributed app you need to verify you’ve attributed the code properly.
App Credits:
AFNetworking
Project code: https://github.com/AFNetworking…
Copyright (c) 2011, Gowalla (http://gowalla.com)
License (MIT) https://github.com/AFNetworking...
…
• In rare situations you discover the need to publish code you did not expect to publish.
Launch Process (OSS Step)
Attribution UI
Oops code
Complicating factors
Code scan
Product (e.g. Mobile app)
Employee Questions
• Pre-hires ask to work on open source.
• Engineers publish “their own” code.
• Engineers leaving want to take code.
• We discover our code somewhere.
Copyright Assignment
Business Priorities
Ethical behaviors
When is my code, my code?
IANALBUT
Here’s how to do this properly.
Summary and Takeaway
• Mid to large tech companies need an OSPO to manage governance processes.
• The //TODO Group companies each run an OSPO, but we run them differently. That’s OK.
• Ask me/us for help.
OSPO is a service
Educate with each interaction
License and code whitelists don’t work
Simplify: Ask & Get Help
Thanks!
Now come over and say hi.
gyehuda@yahoo-inc.com
www.gilyehuda.com

Continuous Improvement Infographics for Learning
 
operational plan ppt.pptx nursing management
operational plan ppt.pptx nursing managementoperational plan ppt.pptx nursing management
operational plan ppt.pptx nursing management
 
Disrupt or be Disrupted - Kirk Vallis.pdf
Disrupt or be Disrupted - Kirk Vallis.pdfDisrupt or be Disrupted - Kirk Vallis.pdf
Disrupt or be Disrupted - Kirk Vallis.pdf
 
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta :  7738631006 Door Step Call Girls Rate 100% Satisfactio...Call Now Pooja Mehta :  7738631006 Door Step Call Girls Rate 100% Satisfactio...
Call Now Pooja Mehta : 7738631006 Door Step Call Girls Rate 100% Satisfactio...
 
LoveLocalGov - Chris Twigg, Inner Circle
LoveLocalGov - Chris Twigg, Inner CircleLoveLocalGov - Chris Twigg, Inner Circle
LoveLocalGov - Chris Twigg, Inner Circle
 
internal analysis on strategic management
internal analysis on strategic managementinternal analysis on strategic management
internal analysis on strategic management
 
Intro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptxIntro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptx
 
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
 
Construction Project Management | Coursera 2024
Construction Project Management | Coursera 2024Construction Project Management | Coursera 2024
Construction Project Management | Coursera 2024
 
Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC Bootcamp
 
Imagine - Creating Healthy Workplaces - Anthony Montgomery.pdf
Imagine - Creating Healthy Workplaces - Anthony Montgomery.pdfImagine - Creating Healthy Workplaces - Anthony Montgomery.pdf
Imagine - Creating Healthy Workplaces - Anthony Montgomery.pdf
 
Reviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system  to.pptxReviewing and summarization of university ranking system  to.pptx
Reviewing and summarization of university ranking system to.pptx
 

Managing Open Source with an OSPO

  • 1. By: Gil Yehuda *But were afraid to ask
  • 2. My Presentation Goals Share corporate perspective on Open Source Highlight non-tech aspects of governance Invite you to consider how this works at your company
  • 3. Why an open source program office? Companies with OSPOs are more successful at managing Open Source Diverse developer skills require consistency in corporate approach Having no process will create chaos and risk Corporate contributions to open source are essential You will have open source goals that don’t get met magically Questions come up all the time requiring someone to own the issue
  • 4. 6 governance areas you must consider when developing your Open Source Program Office Inbound Using Open Source code in projects M&A deals Outbound (publications) Publishing code to existing open source projects Publishing code to new open source projects Outbound (per request for services) Product pre-release obligation review Employee’s “private” publications
  • 5. Larger Open Source Program Office Context Technology strategy Assets Trends Business strategy Patent strategy Research Partners Talent strategy Code Management Tooling Scanning Mirroring Incident Management 3rd party Github Access Management Team Management Metrics portals Inbound Using Open Source code in projects M&A deals Outbound (publications) Publishing code to existing open source projects Publishing code to new open source projects Outbound (per request for services) Product pre-release obligation review Employee’s “private” publications Strategy Governance Operations
  • 6. Inbound Questions: what I’m thinking, what I’m asking License issues Technical Suitability Engineering Standards 1. Where’s the code? 2. What’s the license? 3. To use in which project? 4. Does this code leave our servers (e.g. a mobile app, JavaScript, desktop?) 5. Would we modify this code? 6. Any reason not to contribute to this project? 7. Does this replace technology we already use? 8. Who else reviewed this?
  • 7. Inbound code via an acquisition Are we buying their mistakes? What’s in their code? What can we learn about their engineering? Can we help with a “special issue” situation? We can’t see their code, but we can ask them to list open source code and ask to run a code scan. Note: 1. Self-disclosures are never accurate, but they are a good start. 2. Mobile apps should have a credits UI. 3. Scan results reveal engineering sloppiness. 4. Some deals have special (legal) issues where the scan process can help.
  • 8. Inbound Process is more than open source license checking Involve other partners: • Legal - license questions • Engineering - code suitability • Architects - tech standards • Paranoids - what’s in the code • BizDev - if we acquire code Inbound Process Approval Usage instructions Complicating factors Approval filters Code / License
  • 9. Let’s focus on the Outbound cases… Inbound Using Open Source code in projects M&A deals Outbound (publications) Publishing code to existing open source projects Publishing code to new open source projects Outbound (per request for services) Product pre-release obligation review Employee’s “private” publications
  • 10. Outbound Questions: what I’m thinking, what I’m asking Creating a new Open Source project • Should we? • How to best position it Publishing to an existing project • Why not? • How to do it well 1. Was all the code written by an employee? 2. Was it written for a work related project? 3. Is it in production? 4. What license will your code use? 5. Did you prepare the code for publication? • Does it have license and copyright text? • Is there a full README? • What’s the PR plan? 6. Why do you want to publish this?
  • 11. Questions following initial Outbound Request Small like a bug fix or a big-deal project? Any legal concerns? Would anyone get upset? How do we do this properly? CLA Copyright Are we ready to lead another community or dump code? Who’s the community? Do they want this new project? Do we have a PR plan? Is the code inviting? README, installer? Is this ours to publish? Is it cleaned up for publication? Is this novel? Did we file a patent disclosure?
  • 12. Outbound Process requires a lot more context to discuss Involves other partners: • Legal – License, CLA, Patent questions • Engineering – code reviewed and prepared • PR – is this something we promote, and how? Outbound Process Approval Publication instructions Complicating factors Approval filters Code Desired outcome
  • 13. Product Pre-release • Before publishing a distributed app you need to verify you’ve attributed the code properly. App Credits: AFNetworking Project code: https://github.com/AFNetworking… Copyright (c) 2011, Gowalla (http://gowalla.com) License (MIT) https://github.com/AFNetworking... … • In rare situations you discover the need to publish code you did not expect to publish. Launch Process (OSS Step) Attribution UI Oops code Complicating factors Code scan Product (e.g. Mobile app)
  • 14. Employee Questions • Pre-hires ask to work on open source. • Engineers publish “their own” code. • Engineers leaving want to take code. • We discover our code somewhere. Copyright Assignment Business Priorities Ethical behaviors When is my code, my code? IANALBUT Here’s how to do this properly.
  • 15. Summary and Takeaway • Mid to large tech companies need an OSPO to manage governance processes. • The //TODO Group companies each run an OSPO, but we run them differently. That’s OK. • Ask me/us for help. OSPO is a service Educate with each interaction License and code whitelists don’t work Simplify: Ask & Get Help
  • 16. Thanks! Now come over and say hi. gyehuda@yahoo-inc.com www.gilyehuda.com