At Mobility Labs, we encourage open-source development for many of our social impact projects and work with open-source tools for the best solutions. As part of this work, we regularly hear why partners are uncomfortable with the idea. We want to dispel some common open-source myths that we’ve heard.
For your code to be open-source, you should use a platform for sharing the source code. A few platforms exist for this, but the most popular at the moment is GitHub. GitHub gives you a number of tools to share code and manage the software development process. Even teams that create software in a closed environment use GitHub.
Your community and users should know what changes are coming to the software and what changes are not. This also allows them to see how responsive a development team is to their needs. This does not mean every change suggested will be built; rather, it means a user could go to the issue page, find someone already pointed out something they would like, and read the team’s response. This is also the place to ask your community for help, accept help, and discuss longer-term roadmaps.
Without a license, it is not recommended that you release code because contributors and your team need to know what is allowed to be done with the software before they can use it. This can be a headache for your legal department to wrap their heads around; however, it is important to use a well-known license to ensure contributors understand the limitations of using the software. The big four are: MIT, APACHE, GPL, and BSD. These licenses protect the software while at the same time allowing others to make use of it.
You can still own your platform–you’re not giving control of it away at all!
There’s more to your platform than just the code–it also includes your data, as well as the service you’re providing to your users. Allowing the code to be open-source doesn’t enable another person or company to instantly be capable of competing with you, as they would be lacking both the data and your organization’s expertise.
For example, if we look at WordPress, which is one of the most popular platforms in the world, its code base is entirely open-source. However, this doesn’t detract from its strongest offering, which is hosting and support through WordPress.com. WordPress also allows users who are technically savvy to contribute back to the platform through the use of plugins and extend the platform in different and exciting ways, while profiting through its services.
Your data will remain secure if you open up your code; you’re not releasing any of your data to the public through open-source code (though you could if it makes sense for the organization). The distinction lies between code and data: Your data drives your platform, but your code can still function without that exact data.
To address this, the architecture of your code base should be split so that the actual data stored in your platform can be configured to use any data required and should be secured according to the requirements of the data itself. Don’t expose any of this configuration, but provide documentation on the type of configuration that would be required.
Moodle is an example of an open-source LMS (learning management system) that shares code but keeps student and teacher data safe on the server. This does not mean there haven’t been bugs or security issues that occur, but the power of open source is that the community finds out about it, fixes it, and then end users (universities, schools, and companies) can roll out the fixes.
Doing this correctly for open source actually makes your data more secure by ensuring the development team is using best practices and that problems are getting fixed. This also allows external professionals to find mistakes and suggest improvements. No one wants to find out their platform was improperly configured or secured and that their data is now public.
An internal, closed-source project would not permit this, and neither should your open-source project.
Let’s describe what would normally happen on a proprietary code base. You have a set of curated contributors who have access to the code base, and they change it according to client requests. These changes include things like fixing bugs, implementing layout changes, and improving performance. These contributors would then have a process that mandates that their code is reviewed for quality and maintainability, as well as a suite of tests that ensure that the behavior as mandated by the client is both met and not changed through platform modifications. Only after quality checks and testing would the modified code be eligible for merging back in with the original code, as well as deployment to production.
On an open-source project, you should have the same level of rigor with your code base. Your code will still require a review process, as well as tests to ensure that no behavior that has already been decided and agreed upon has changed. An emphasis should be made on code maintainability as part of the review process, which would include mandating that thorough tests are included with any contribution. Just because code makes it into the code base doesn’t mean it is deployed right away.
With open source, there is no change in the way you handle your code and its release process; the only change is who gets to contribute to it.
Another example of this in action is likely the browser you are reading this article with right now: Chrome, Firefox, Safari, and about 30 more. (Sorry, Internet Explorer users!) All of those browsers use some version of Webkit, the engine that determines what shows up on your screen and how. Large companies like Adobe, Apple, Google, and Mozilla have been able to leverage contributions from the open-source community to fix bugs, create new features, and improve performance. You can see what code is in the works by visiting their site (Warning: It’s very technical).
Open source is not the holy grail of software development, but transparency, sustainability, and communication might be. Open source development supports these benefits.
Developers, designers, and subject matter experts decide to work on open-source projects for a number of reasons. To benefit from open-source development, these experts should be attracted to your software.
There are a number of software shops that prefer to work on open-source projects, Mobility Labs is one of them. If you have a social impact project that you want to ensure is sustainable and a pleasure to use, contact us.
You can also contribute to a number of projects in a technical capacity or through documentation and issue reporting. Here is a list of some of our favorites that need help with design, development, documentation, and more:
Signup below to receive updates about what we are up to.