Upgrade to Pro — share decks privately, control downloads, hide ads and more …

An OSPO for OSPOS: How GitHub does open source

Eric Sorenson
May 11, 2023
Technology
0
25

An OSPO for OSPOS: How GitHub does open source

As the OSPO at the home for the world’s developers, GitHub’s OSPO has a unique dual mission: we’re both managing GitHub’s open source projects and helping organizations that use GitHub as the center of their OSS activity. In this talk, Eric will enumerate projects on both sides of that equation and share lessons learned from working within GitHub and with open source communities. Open source ownership: We’re building an inventory of GitHub’s hundreds of orgs and the repos they contain. This project aims to define “durable ownership” for the projects which are still viable and to send the rest of them off into the sunset. License compliance: Like many large organizations, our codebase has thousands of repos and tens of thousands of dependencies. We also have a legal team that wants to make sure these dependencies don’t put us at risk. Building “get right” tooling has been a huge undertaking, but maybe others can learn from our efforts. Org health metrics : We’re always trying to answer questions with data, and a critical one is: are our projects healthy? The dashboard we’re building aims to provide helpful numbers to answer this question based on research from CHAOSS. Attendees will leave the talk with tool and process recommendations and perhaps some coveted Octocat stickers.

Eric Sorenson

May 11, 2023
Tweet

More Decks by Eric Sorenson

See All by Eric Sorenson
GitHub Organization Metrics Dashboard [beta]
ahpook
0
54
Relay by Puppet: the Next Leg
ahpook
0
72
Cloud Native Configuration Management
ahpook
0
4.1k
Welcome to SSLandia: PKI Improvements in Puppet 6
ahpook
0
100
Fourth Generation Configuration Management
ahpook
0
270
Twenty Years of Configuration Management
ahpook
1
190
Open-Source Maintainership and Community in 2016
ahpook
0
330
A Platform for a Roadmap: Mixing Metaphors for Fun and Profit
ahpook
0
74
Puppet and Devops for Automation
ahpook
0
90

Other Decks in Technology

See All in Technology
開発生産性向上サービスを作るFindyが自分たちで開発生産性を爆上げした組織づくりの歩み / Findy's path to boosting its own development productivity 2024-04-17
ma3tk
3
610
Azure犬駆動開発の記録/GlobalAzureFukuoka2024_20240420
nina01
1
200
MLOpsの「壁」を乗り越える、LINEヤフーの Data Quality as Code
lycorptech_jp
PRO
5
390
よく聞くけど使ったことないソフトウェアNo.1 KafkaとSnowflake
foursue
4
340
ServiceNow Knowledge 24の歩き方 EYストラテジー・アンド・コンサルティング
manarobot
0
180
家族アルバム みてねにおけるGrafana活用術 / Grafana Meetup Japan Vol.1 LT
isaoshimizu
1
280
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
440
どうするコスト最適化のトレードオフ
tetsuyaooooo
1
490
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2024年版)
infiniteloop_inc
1
6.7k
KubeConにproposalを送りたい人へのアドバイス
sat
PRO
3
230
レガシーをぶっ壊せ。AEONで始めるDevRelの話 / Qiita Night 2024-2-22
aeonpeople
3
1.3k
Terraformあれやこれ/terraform-this-and-that
emiki
8
1.3k

Featured

See All Featured
YesSQL, Process and Tooling at Scale
rocio
164
13k
jQuery: Nuts, Bolts and Bling
dougneiner
59
7.1k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
357
22k
GraphQLとの向き合い方2022年版
quramy
32
12k
Web development in the modern age
philhawksworth
202
10k
How to train your dragon (web standard)
notwaldorf
73
5.2k
Navigating Team Friction
lara
178
13k
Become a Pro
speakerdeck
PRO
11
4.5k
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
Robots, Beer and Maslow
schacon
PRO
155
7.9k
How to name files
jennybc
65
93k
For a Future-Friendly Web
brad_frost
172
9k

Transcript

  1. May 2023 OSS Summit NA 2023: OSPOCon An OSPO for

    OSPOs: Open Source at GitHub Eric Sorenson // @ahpook // Sr Product Manager, OSPO

  2. May 2023 OSS Summit NA 2023: OSPOCon Let’s build from

    here 100M+ 4M+ 2.6B+ 1,000+ 200M+ Developers Organizations Contributions per year Top open source communities Private + public repositories

  3. May 2023 OSS Summit NA 2023: OSPOCon “ GitHub Open

    source contributions make technology better for everyone. And it has become synonymous with enterprise software, advancing overall innovation for all of us. These developers are part of our teams, and it is our responsibility to support sustainable open source. Thomas Dohmke, CEO

  4. May 2023 OSS Summit NA 2023: OSPOCon GitHub and the

    open source enterprise No single person or team can make the progress that we can all make together.

  5. May 2023 OSS Summit NA 2023: OSPOCon Adding one open

    source library adds thousands of developers to your team.

  6. May 2023 OSS Summit NA 2023: OSPOCon “ Sun Microsystems

    CEO, 2005 Open source software is free like a puppy is free. Scott McNealy

  7. May 2023 OSS Summit NA 2023: OSPOCon How GitHub Does

    Open Source

  8. May 2023 OSS Summit NA 2023: OSPOCon Open source is

    at the core of GitHub 45,000 Unique open source components 40% GitHub employees contributing to open source 2,600+ Open source repositories

  9. May 2023 OSS Summit NA 2023: OSPOCon 1 2 3

    4 Contribute to the projects we rely on Share and maintain our projects Increase open source adoption for the world’s developers Help customers and community improve their open source efforts GitHub’s commitment to open source

  10. May 2023 OSS Summit NA 2023: OSPOCon Git Git Large

    File Storage Core git maintainer Tools Homebrew VS Code Languages React Ruby Go Ecosystem npm Packages Actions marketplace GitHub’s open source contributions

  11. May 2023 OSS Summit NA 2023: OSPOCon GitHub’s Open Source

    Projects GitHub CLI NPM GitHub Desktop CodeQL Dependabot Core

  12. May 2023 OSS Summit NA 2023: OSPOCon Community Involvement

  13. May 2023 OSS Summit NA 2023: OSPOCon Primer Docs Roadmap

    Discussions Publish everything* *some exceptions may apply

  14. May 2023 OSS Summit NA 2023: OSPOCon Lives in public

    GitHub repo. Will only include ships we are comfortable sharing publicly, but that includes enterprise and security products. Public Roadmap

  15. May 2023 OSS Summit NA 2023: OSPOCon GitHub’s Open Source

    Program Office

  16. May 2023 OSS Summit NA 2023: OSPOCon To enable individuals

    at GitHub and beyond to innovate more through open source. GitHub’s Open Source Program Office ensures GitHub consumes open source safely and participates effectively in open source. We also help our customers adopt open source best practices. Mission:

  17. May 2023 OSS Summit NA 2023: OSPOCon Programs: Help GitHub

    and Hubbers Durable Ownership of our code License Compliance Open Source releases Programs and Products Products: Help customers and community Organization Health Metrics Open OSPO Project Friction Fixes

  18. May 2023 OSS Summit NA 2023: OSPOCon OSPO (and friends)

    Programs

  19. May 2023 OSS Summit NA 2023: OSPOCon Scan our codebase

    and alert about potential license problems Goals: • Implement ‘get clean’ workflow • Be minimally annoying • Explore productization License Compliance

  20. May 2023 OSS Summit NA 2023: OSPOCon SPDX Policy OSPO

    Policy Service GitHub App Scan repositories Resolve dependencies Create issues Look up license information

  21. May 2023 OSS Summit NA 2023: OSPOCon • ~350 out

    of 6000 repositories had potential issues, ~1000 in all • Most of these were bad data, very few required code changes • Still too annoying • Fixes: More docs, more automation, more curation, more dry runs • Open source results: github/go-spx, clearlydefined PRs Current state, lessons learned

  22. May 2023 OSS Summit NA 2023: OSPOCon Goal: Reduce business

    risk of unmanaged OSS Key questions: What OSS do we have? Who owns it? Is it safe? Durable Ownership

  23. May 2023 OSS Summit NA 2023: OSPOCon Durable Ownership Lessons

    Backtracking is tough. Get out ahead of your developers if you can! Backstop policy with automation and tools. Make it easy to do the right thing. Provide incentives, not just deterrents. E.g. moving to a new org means looser collaboration restrictions

  24. May 2023 OSS Summit NA 2023: OSPOCon Sustainability and maintainership

    Policy for releasing internal software as OSS Triage and office hours Issue templates and release checklist Open Source Release process

  25. May 2023 OSS Summit NA 2023: OSPOCon OSPO (and friends)

    Products

  26. May 2023 OSS Summit NA 2023: OSPOCon Average sponsorship $

    from an organization is 14x individual Direct financial support for projects your business relies on Organization sponsorships is now GA! Bulk sponsorships let you address a group of dependent projects at once GitHub Sponsors

  27. May 2023 OSS Summit NA 2023: OSPOCon Open conversations about

    the code and the community Less “formal” than an Issue, but attached to a repo for locality of reference Discussions

  28. May 2023 OSS Summit NA 2023: OSPOCon Organization Metrics Dashboard

    Community Standards README Code of Conduct License Contributing Guide Contribution Data Types of contributions over time Overall contribution stats Project Activity Trends in active/inactive repos* Issues and PRs opened vs closed Mean Time to Resolution

  29. May 2023 OSS Summit NA 2023: OSPOCon

  30. May 2023 OSS Summit NA 2023: OSPOCon Tools, policies, and

    guides to help you get started Open-sourced from GitHub’s OSPO Open OSPO Project

  31. May 2023 OSS Summit NA 2023: OSPOCon Get involved, get

    help, and connect with peers in the OSPO community at GitHub

  32. May 2023 OSS Summit NA 2023: OSPOCon github.com/ github/github-ospo Policies,

    tools, and documentation from GitHub’s OSPO program to help you get started community/ospo/discussions Peer-to-peer discussion area for questions about metrics, success stories, and more todogroup/ospology Large community of OSPO practitioners talking about their challenges and approaches

  33. May 2023 OSS Summit NA 2023: OSPOCon Thank you

  34. May 2023 OSS Summit NA 2023: OSPOCon