Is Your Open Source Project Healthy?

Published: Sept. 14, 2020, 9:30 a.m.

When you contribute to open source projects,\xa0Dawn Foster\xa0makes it abundantly clear that even if \u201cyou\u2019re there on behalf of [a] company, you need to do the right things for the community.\u201d In this episode of Community Signal, Dawn outlines the principles that she follows and shepherds as the director of open source community strategy at\xa0VMware\u2019s Open Source Program Office.

These principles foster projects and communities that are collaborative and encouraging, but of course, it does not always pan out that way. Dawn discusses how documentation and education, having a clear commitment from the company managing the open source project, and balancing for collaboration instead of number of contributions can all help to build healthy open source communities.

Unlike social platforms that optimize for getting everyone to contribute an infinite amount, open source projects rely on spreading knowledge and contributions amongst the group. \u201cIn some cases we have open source projects [where] almost all of the contributions are made by a single individual. What happens if that individual wins the lottery and leaves VMware, and doesn\u2019t want to work on this project anymore?\u201d That\u2019s a great question for all of us that manage communities. If our top contributors left tomorrow, who would pull the community forward?

Patrick and Dawn also discuss:

  • Evaluating open source community health
  • The tools and documentation that help with governance
  • Evaluating the risk of contributing to an open source project
Our Podcast is Made Possible By\u2026

If you enjoy our show, please know that it\u2019s only possible with the generous support of our sponsors:\xa0Vanilla, a one-stop shop for online community and\xa0Localist, plan, promote, and measure events for your community.

Big Quotes

Good documentation begets good contribution practices (7:00):\xa0\u201cEven though I\u2019ve been contributing to open source projects for years, every time I pop up in a new community, I still have to read the contribution docs because there will [always] be something that project does in a very specific and nuanced way that the last project I worked on didn\u2019t do. In a lot of cases, people just make mistakes and they don\u2019t really think about what they should have been doing. They just need a little more education.\u201d \u2013@geekygirldawn

Illustrating contributor risk (18:37):\xa0\u201cSome of these big open source projects are maintained by fewer people than you might think. The biggest example I can think of was OpenSSL. There was a huge security vulnerability in OpenSSL. It\u2019s a technology that almost every single company in the world relies on. This vulnerability was going to require a lot of time and effort to fix. What we quickly realized was that OpenSSL was maintained part-time by two people, none of whom were being paid to work on it.\u201d \u2013@geekygirldawn

To truly be open source means to cede a bit of control (23:20):\xa0\u201cYou don\u2019t, as a company, want to dominate the entire [open source] project because if you do that, you might as well never have open sourced it. You might as well have kept it proprietary. The whole purpose of open sourcing it is you collaborate together, and you innovate, and you get ideas that you wouldn\u2019t have otherwise had as a company.\u201d \u2013@geekygirldawn

Open source thrives through collaboration (26:41):\xa0\u201cSome of the more social platforms, it\u2019s like the more social, the better. Collaboration doesn\u2019t necessarily work that way. You don\u2019t get more collaboration because I did more stuff. You get more collaboration because you got more people involved, and you gave them some space to contribute.\u201d \u2013@geekygirldawn

The benefit of neutral foundations for open source projects (29:42):\xa0\u201cWhat you get by putting [an open source] project into these neutral foundations is some assurance that everybody\u2019s working together on a level playing field. If I want to contribute to a Linux Foundation project, I can rest assured that I can participate on the same field as everybody else. Whereas, if the project is owned by a particular company and they have their own agenda that may or may not align with the community\u2019s best interest, they may take things in a different direction. They may not accept your contribution because it competes with something that they have.\u201d \u2013@geekygirldawn

About Dawn Foster

Dawn Foster\xa0is the director of open source community strategy within\xa0VMware\u2019s Open Source Program Office. She is on the board of\xa0OpenUK, an organization committed to developing and sustaining UK leadership and open technology. Dawn is on the governing board and is a maintainer for the\xa0Linux Foundation\u2019s CHAOSS project\xa0and the board of advisors for\xa0Bitergia. She has 20-plus years of experience at companies like Intel and Puppet Labs, with expertise in community building strategy, open source software, metrics, and more.

Dawn holds a PhD from the University of Greenwich, along with an MBA and Bachelors in Computer Science. She has spoken at dozens of industry events, including many Linux Foundation events, OSCON, SXSW, FOSDEM, and more.

Related Links Transcript Your Thoughts

If you have any thoughts on this episode that you\u2019d like to share, please leave me a comment,\xa0send me an email\xa0or a\xa0tweet. If you enjoy the show, we would be so grateful if you spread the word and supported\xa0Community Signal on Patreon.