Ask HN: Does your company have an open source release policy?

16 points by GauntletWizard ↗ HN
I'm working with some fairly new technology (k8s). There's a lot of simple things that can be done with a few minutes work. I've already got a blanket signoff to contribute to upstream repos, but today I found something that would work best if I release a new repo. I'd like to do it from a corporate perspective, because I think it would be good citizenship, however, we don't have a general policy for how public releases are managed.

Does your company have a general open source release policy? Does it include different patterns for contributing to an existing project, vs creating a new project? What about small vs. large projects; i.e. a small module for common use (leftpad) vs a larger project expecting a community (tools like Envoy, Kubernetes)

If there's examples of open source policies we could simply adopt, that'd be great, too.

5 comments

[ 2.8 ms ] story [ 19.6 ms ] thread
(comment deleted)
Doesn't exactly answer the question as stated, and you seem to not be on the same boat - but I'd like to contribute a flipside story for anybody interested:

I tried to get one together at my last job - got all the way through legal approval and okayed by engineering heads and team leads. But - nothing ever got released as an open source project.

Maybe i didn't push enough, but I also sensed there were invisible obstacles in the way.

For anyone in the same boat - push for it!

My company has this complicated release process for open source software. You have to have a technical review and then a legal review of the package and then it has to go to committee to be signed off. The software can then be released on a specific channel that I've never ever seen someone mention on the Internet.

I'm pretty sure the public release committee would explode if you described pushing commits to a public repo.

For legal reasons I doubt this will change anytime in the near future.

Our company does. It's a mix of technical review by relevant peers plus a dedicated review committee (mostly looking for good docs and company internals). Then we send it off to legal which is a quick turnaround.

It's a pretty new process and we only have one project out there (https://github.com/rallyhealth/szl), but there's a few projects in review.

With this post, I'm actually thinking the next submission should be our OSS review process and guidelines :)