Open Source Governance in a small to medium size company ...

FOSSBazaar is no longer being updated. The information on this site is preserved for your convenience but may be out of date. Please visit Linux Foundation's Open Compliance Program for current information and activities.

fetemadi's picture

Having been involved with Open Source Software (OSS) in companies large and small, one of many issues that arise is the importance of establishing guidelines to assist with and promote the use of OSS both internally and in product development as well as conforming with the many different licensing requirements that may at times even appear to be contradictory and conflicting amongst different OSS products.


Also keep in mind that some OSS snippets have a long track history as to their origin and may appear in different OSS code bases.  these tracks are not easily identified without the use of a sophisticated (and usually expensive) software auditing tool.


And not all companies can afford a costly code analyzer.  Some companies are not even aware that such monitoring tools even exists.


Ultimately, the success of OSS is - in parts - in its acceptance in the commercial world, so the contributors to OSS can benefit from their efforts not just academically but commercially.


And keep in mind the "hybrid" code which constitutes both proprietary and OSS codes and that more and more products shipped with OSS may be of hybrid nature as time goes by.


So, in a larger company with appropriate budgetting, the perceived overhead of OSS governance and its framework can be absorbed with much less impact to the overall product development.


Yet, for small to medium size company, establishing the comlex framework is in most part cost and resource prohibitive.  Although the company puts in place the necessary guidelines on the use of OSS, it may have to rely on human auditing to prevent any inadvertant use of the OSS.


To promote the development, acceptance, use, and contribution to OSS, attempts must be made by the promoting (and contributing) organization to not only encourqage the use of OSS, but also provide means of managing and governance in a most cost/resource effective manner to the users of OSS, otherwise the use of OSS products (particularly in a hybrid development) will deminish to a point which makes OSS a nice academic exercise with uncertain future.  this particularly applies to the more and more stringent licensing schemes coming through various OSS communities.