How can you justify — from a business perspective — your team involvement in open source projects?
Why should they spend company time becoming familiar with, and contributing to, open source libraries?
There are many reasons:
- Retention: People love leaving their mark on things used by 1000s of companies. Knowing that code I've written resulted in a 10x speed up in a library used by millions of people, is satisfying. A company fostering open source contributions has an edge in the overheated job market.
- Lead the way: in open source, if you find a library misses some features you need, you can add them.
- Grow: contributing to open source improves your coding and sharpens your communication. You learn about new things when people review your code. You interact with people from different cultures and parts of the world. It's an enriching experience!
- Be seen. We are the first training partner of dbt labs in Europe. They spotted us for our work on dbt, from 2019. Many customers contacted us because they saw GDDers contributing considerably to the tools they were using.
- Go faster: sometimes there are edge cases resulting in bugs, and you can fix them quickly.
A special case though — which I'd file under Go Faster — is security.
Last December, we were all painfully reminded of how actual XKCD 2347 is
In fact, the now infamous Log4j vulnerability made the news.
The Apache Foundation reacted quickly and released an emergency update closing the vulnerability.
If Steve cannot fix the bug timely, troubles await, especially if nobody steps up. (Vendors are not better off. Software such as popular data visualization tool Tableau was also affected by the Log4j vulnerability).
Enhanced security through open source contributions
You can mitigate all these risks if your employees contribute to the libraries you're using though.
They can fix vulnerabilities in the code they use as they're familiar with how it works, how the code is structured, and they have worked through the testing, committing, packaging loop more than once!
GoDataDriven ❤️ Open Source
At GoDataDriven, we couldn't be more proud of all the work we do with open source. Until 2020 we wrote a periodic post with all our contributions. They were so many though, we decided to use the write-up energy to contribute even more!
This is good news: