about OpenSource • The usage of open source software is growing every year • Even most closed source projects depend on open source today • Today many companies trust in open source
to use open source • What aspects were important to you when choosing open source based solutions in your company? 87 % 85 % open standards big community 81 % security 80 % no vendor lock-in 79 % stability 78 % cost savings transparency & trust 75 %
do we trust? • Open source means that the sources of a product can be seen / requested by everyone • Open source does not mean that everybody can mutate the source
is it more secure? • Based on GitHub there is a 59% change to receive a security alert / issue within the next 12 month • Common Vulnerabilities and Exposures (CVE) are tracked in open databases (see http://cve.mitre.org) Based on your dependencies
is it more secure? • Tools like dependabot automatically inform you on critical issues in your dependencies • Example based on CVE-2020-8203 (in lodash) Common JS lib 04.23.2012 vulerability created in lodash 07.08.2020 vulerability fi xed in lodash 07.15.2020 over 5 million projects receive dependabot alert 10.02.2020 over 40% of projects have upgraded to fi xed version github.com
to Git(Hub) ? • GitHub makes the usage of GIT very easy and provide visual tooling for work fl ows • But a user needs to understand GIT to contribute to projects • You can fi nd many very good tutorials online https://rogerdudler.github.io/git-guide/
than a repository • Best starting points are issues • Mostly all people start at GitHub by creating an issue for an open source project • Have you already created an issue?
contribute • A Pull request is the work fl ow that allows user to contribute to projects • Pull requests let you tell others about changes you want to add to a repository • A pull request can be commented and reviewed • Follow-up commits can be added • The changes of a pull request can be merged by a maintainer of the project
+ Test of Integration • Several tools can interact with GitHub • Automatically build & deploy pull request and integration results • Examples are Netli fl y or Heroku
Requests in Enterprise • GitHub published some average numbers regarding the timing of pull requests • The numbers are based on enterprise (non-hobby) projects pull request opened fi rst review done last review done pull request merged github.com review requested 1h 36m to merge pull request 54m till fi rst review 12m till merge
OpenJDK project at Git • JavaFX is (still) part of OpenJDK • JavaFX was the fi rst project of the OpenJDK that has been migrated to git & GitHub • With project Skara the OpenJDK is moved to git & GitHub https://github.com/openjdk/jfx
OpenJDK project at Git • Since OpenJDK projects are now hosted at GitHub contribution is super easy • Every GitHub user can create a PR (+ some paperwork to have you checked as a valid OpenJDK commiter)
OS Builds with GitHub Actions • OpenJDK projects already use GitHub Actions for CI tasks • Automatically build and test JavaFX on all 3 big operation systems for each pull request https://github.com/openjdk/jfx/pull/619/checks
OS Builds with GitHub Actions • GitHub Actions can do more • Every used test containers in an enterprise project? • Just let GitHub run thousands of integration tests for you
for OpenJDK • Happily more and more people of the Java community contribute to OpenJDK • Good tutorials and 'Getting started' guides are missing We are working on that issue
not 'Eclipse AdoptOpenJDK' ? • The answer is quite simple: • The Eclipse Foundation trademarks all names and 'AdoptOpenJDK' is just not trademark able OpenJDK Java ® ®
call the distro 'Adoptium' ... • NO! We want to be convenient: Like ___________ provides ___________ the Adoptium project provides Temurin Azul Systems Zulu Amazon Coretto Bellsoft Liberica Oracle Oracle JDK
Adoptium is MORE • NO! Adoptium is much more than 'just the binaries': AQAVIT is the quality and runtime branding evaluation project for Java SE runtimes and associated technology. Any Java runtime Open source AQAVIT test & benchmark suite Enterprise ready runtime
Speci fi cations • JakartaEE / Micropro fi le is not 'old JavaEE' • JakartaEE / Micropro fi le speci fi cations are used by Spring Boot, Micronaut, Quarkus, ... • When you create enterprise applications and (micro-)services in Java you need to know and use the specs
Speci fi cations • A spec always contains 3 parts: • API that contains the Java interfaces, annotations... • SPEC that contains the documentation of the API, its usage and interoperability with other speci fi cations • TCK that contains a test kit to validate the full functionality of an implementation
Foundation • Both JakartaEE and Micropro fi le are top level projects at Eclipse Foundation • An open source foundation allows a transparent and solid support and sponsoring by companies and organisations • An open source foundation provides work fl ows, rules, infrastructure and support (for example in marketing issues)
Foundation • All projects and speci fi cations are hosted at GitHub • Everybody can do a pull request • Contributions and discussions are more than welcome • Attend a meeting to start your open source journey! https://bit.ly/3l4I4E5 Jakarta EE Community Calendar
• A month long celebration of open source software • It happens every year in October. • Everyone can support open-source by contributing changes, and then earn a limited edition swag https://hacktoberfest.digitalocean.com Visit
First Issue • Search for issues that are labeled with 'good fi rst issue' • As a maintainer take care to have such issues... • ... with a good description and additional help
First Issue Description of the issue Best to add examples and name needed Actions Generic information Step by step information of the work fl ow Generic information of the project Links for questions, documentation and contact options
OS Camp • Du fi ndest die gezeigten Themen spannende • Du hast keine Ahnung wo du anfangen sollst? • Das Cyberland hat ein neues Event-Format für dich!
OS Camp • Keynote von Adam Bien • Vorstellung der Eclipse Projekte von Commiter:innen Wenn dieser Vortrag wieder zum besten gewählt wird, gibt es nächstes Jahr einen Adam Bien Starschnitt zum Ausdrucken !!!
OS Camp • Keynote von Adam Bien • Vorstellung der Eclipse Projekte von Commiter:innen Wenn dieser Vortrag wieder zum besten gewählt wird, gibt es nächstes Jahr einen Adam Bien Starschnitt zum Ausdrucken !!! Scherz!!! Wenn dieser Vortrag nicht gewählt wird, gibt es einen Starschnitt von mir!!!!
Open Source Stipendium • Der iJUG möchte seine Mitglieder:innen fördern • Der iJUG ist Eclipse Member & Mitglied in den Adoptium, Micropro fi le & JakartaEE Arbeitsgruppen • Fördert Mitarbeit an Projekten z.B. durch Freikarte zum JavaLand https://github.com/ijug-ev/Stipendium
for Action • Contribution to open source projects becomes easier every day • Join initiatives like the Cyberland open source camp • Start with simple tasks like typos or documentation • Ask questions, create issues, listen to other commiters
hendrikebbers
pocke
jinwatanabe
nozomutu
kntkymt
javiergs
koic
syumai
pyama86
nao_mk2
chobishiba
wagyu
wemra
rkendrick25
ks91
elsirapls
427marketing
michielstock
mfonobong
mraible
mlcsv
pauljervisheath
rocio
addyosmani
joshbly
