Session: Is this Open Source Project Healthy or Lifeless?
Most of us bet large parts of our business on open source technologies, but how do we decide which projects will continue to be healthy and viable? While there are no sure bets, there are ways we can evaluate these projects to understand our risks and decide which projects are likely to be successful.
This talk will propose questions to ask and how to interpret the answers, including:
- Does the project make regular releases and quickly patch security vulnerabilities? These projects may be more secure.
- Is the project under a foundation, or is it owned by a company? Company owned projects are at a greater risk of changes that are not aligned with community interests.
- How is the project governed, and can others move into leadership positions? Having neutral, preferably elected, leadership provides opportunities for you to influence project decision-making.
- How many people are core contributors, and are they from a diverse set of employers? There should be enough people that the project would continue if something happened to a single person or company.
The audience will walk away with practical advice about how to assess risk and evaluate projects for your organization.