Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Background: There are a couple of concerns that are not core business for us. They are essential to our core business, but we have no business writing on our own, in terms of manpower, time, and expertise. I am familiar and very comfortable with some open-source implementations, using closed-source-friendly licenses, that could fill these gaps. Closed-source alternatives I either could not find, or were crap.
I put together an informal proposal to show my boss, including the original licenses for each project for legal review. Being a business owner that knows little about the world of open-source, he was initially hesitant when he realized some of these libraries were. I tried to educate him to the best of my abilities (I'm no open-source warrior myself), but he did bring up some valid questions that, in some cases, I don't feel I answered as well as I could have.
Concerns (worded from my boss's prospective)
How do we know and ensure there is no malicious code in an open-source project? Read and understand every line? At that point we could have just written it ourselves!
Who do we blame when things go wrong? With support licenses and a responsible party, we can get things fixed. And if they fail to come through, well... you know.
How do we establish or measure that an approach or implementation in an open-source project is sound, efficient, or good quality?
What sort of liability do we open ourselves up to, in terms of licensing [granted, this is more a question for lawyers and an issue of RFTL].
Question: How have or would you have addressed these concerns?
How do we know and ensure there is no malicious code in an open-source project? Read and understand every line? At that point we could have just written it ourselves!
Same problem with closed source. Actually worse with closed source. With open source at least you CAN review it yourself, or you can take someone else's word for it. With closed source, taking someone's word for it is your only option.
Who do we blame when things go wrong? With support licenses and a responsible party, we can get things fixed. And if they fail to come through, well... you know.
Probably the biggest issue. This depends on which particular solutions you're using. Some things are backed by a reputable vendor (e.g. Red Hat) whereas others have virtually no support. But that "you know" is critical here: ultimately there is no way to guarantee that someone will fix bugs that you encounter when you are using closed source. At least with open source you can hire a 3rd party consultant to do the job, for the right price, because you have the source.
How do we establish or measure that an approach or implementation in an open-source project is sound, efficient, or good quality?
The same way you would with any other code? I don't have any better answers for this one.
What sort of liability do we open ourselves up to, in terms of licensing [granted, this is more a question for lawyers and an issue of RFTL].
Yep, have a lawyer advise you on this. Every tech business should employ a lawyer anyway. The answer will depend on the specific licenses you're dealing with and what exactly you plan to do with the software you develop.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I am a college student keen to improve my Programming skills. I have two pathways to follow:
Contributing to OpenSource Projects
Solving puzzles at codechef.com
Which one should I follow?
A good programmer is one who cares about his or her ACE - Accuracy, Clarity, Effectiveness.
A good programmer cares about the Accuracy of code. The easy part is coding the "happy path" because this is always in the forefront of our minds when we design and write the code. But what about potential the exception paths that exist when presented with unexpected input and edge case behaviours of the chosen implementation provided? Care is shown by taking the time to think through all the code paths, investing time in testing, submitting the code for peer review, and having the willingness to accept other's suggestions and make changes when appropriate.
A good programmer cares about the Clarity of code. Whether the code is well structured, expressive, adheres to the Open-Closed Principle, the Single Responsibility Principle, the executing machine doesn't care one bit. But, these are all very important to the next programmer, or yourself, who has to read and understand your code at a later date in order to fix bugs, modify behaviours, or add features.
A good programmer cares about the Effectiveness of code. Does it satisfy all the constraints imposed on it? Not only performance and space constraints, but also aspects that make it acceptable to the end user, the demands on the development and testing timelines by your clients, boss, family. Professional software development is not a precise circumscribed task, like "calculate the determinant of an NxN matrix". It has many constraints and demands, and good programmers are mindful of all of these, and will do their best to manage the them, especially when there is not enough time to satisfy all constraints completely.
So! To answer your immediate question, Open Source or codechef, I'd say that being involved in an Open Source project provides much greater opportunities to practice being a good software developer. So go choose an Open Source project that you care about, and ACE it!
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
We develop scientific software and I manage a small group of applied scientists who write great code. A lot of our products depend on stable development tools which we've been using for developing a stable code base. Now the issue is, someone from the management visited an open source conference and was too pleased to see a lot of great tools which can be used internally for free in place of the commercial ones we've been using so far. So he suggested to the management to remove costs of buying the tools we've using and shift to the open source ones. Now I do not have anything against the open source movement but through a small experiment I found that my team is spending a lot more time debugging and maintaining stable code bases for those open source tools .
I'm sure a lot of other program manager's have had this problem so far. Would people relate their experiences and let me know of any studies made on this subject ? i want to present a cost benefit analysis to the management by giving some statistical facts not just empirical evidence. I'll be glad to know some case studies thereof.
I think open source is terrific, but I use a commercial IDE (IntelliJ) for Java development, even though there are popular open source alternates Eclipse and NetBeans. In my experience, IntelliJ is the best IDE, hands down, with a measurable impact on my productivity.
I can't say that it's true of all tools, but in this case it is.
I don't believe that either open source or commercial tools can claim the high ground here, because I can cite good and bad examples on both sides. Blanket statements and "me, too" thinking are usually a bad idea.
Statistics will be hard to come by. 86% of all statistics are made up on the spot.
I would expect managers in a company whose products are based on science to be more rational. You're a small firm - talk it through. If it's not possible in your situation, then no one has a chance.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
My company (EU-based) is considering to release some parts of our code
under a free software license. We are going to ask lawyers, but firstly
I'd like to ask what problems should we expect when doing that? We are
planning to use LGPL license, mostly because we want to be able to reuse
other people's code in our (closed) software later too.
Edit: We own all the code we want to be released (everything was written
by a single developer, and he actually proposed to opensource the code).
Also we don't care about reusing
this code by our competitors; this piece of code is more or less orthogonal
to what we do for living. We do expect that this code will be improved by others (or at
least spot any bugs), but it is actually good enough for us already.
Thanks for opinions.
Possible problems:
You do not own the rights on all of your own code (e.g. some portion was made by a freelancer but the rights were never properly transfered)
You expect something to happen with your code (e.g. other people to improve it) but it never happens
Your code becomes used in a competing product and you cannot prevent that
You want to withdraw the freedom and find out you can't
If your company wants to keep some control of what is the official code, I suggest you the Artistic License 2.0, instead of LGPL.
I would recommended releasing under LGPL or BSD style license, which does not contain any responsibilities from your side.
Regarding the use of code by other people, again, use only BDS licensed code and you are all set.
If you use the LGPL, contributions from other people can still be done under the GPL, which would prevent you from reusing their code in close-source software. You'll have to watch out for that. Also, even if their contribution is LGPLed, you only have the freedom to not open the source if that code is used in an external DLL or the like.
This is a very rough description, and the implications of that are quite hard to grasp (I don't fully either) and also depend on what kind of software you're developing, so you definitively have to consult a lawyer.
You might also want to look at what Qt does.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
Cofundos is a project where you can pay for tasks to be completed in open-source programs. If a developer solves this task, he will earn the money. Is this a good way to push open-source software?
No.
Joel Spolsky has talked about the phenomenon of people doing for free what they would never do for pay in the context of contributing to sites like Stack Overflow. People have all sorts of reasons for doing things for free:
Helping out a friend or society.
Fame and recognition.
Hobby or passtime.
Building a resume.
Learning about the world around them.
When you offer money it either destroys the purpose of doing something ("It's not a hobby if I get paid—it's a job.") or reduces the intrinsic value of doing it ("I'm not helping out society—I'm helping out me."). The same is true for Open Source contributions.
People do get paid for Open Source work. But normally by companies who are using Open Source software and need certain features and fixes. Sometimes they are full time, but often it's just submitting a bug fix or feature so that it will be carried to the next release. But that happens because the project is useful to the company.
So a better way to "push" Open Source is to use Open Source. If a project is missing a feature, you'll need to add it yourself or find someone else who will. Any scheme that offers money for a feature directly will likely not work. And if the feature does get added, it'll be added by someone who wants to get paid rather than someone who wants better software.
Well if you absolutely need a new feature in a program and you can't contribute, then sure. Otherwise I don't see why you don't just do it. You'll learn more by doing it yourself.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
One problem I have with open-source is not often the product or documentation, but the level of community involvement and support. Response time for some questions on official forums can take more than a week, which can honestly make a big difference when choosing a platform for commercial services use. However, I find that evaluating the community beforehand is very difficult. How do I know what are the most common issues, and whether or not people are getting support for them? How do I know what problems I personally might encounter based upon my project, which would require some level of community support? Do you have a formula for performing this evaluation?
I've usually found that relying on community support for anything mission critical is asking for trouble. So I usually stay away from open source unless it's something that I'm confident we can support in-house or there is a commercial support service available for it.
If your question is posed because you don't want to pay for support, then I think your best bet is to ask questions about a specific project on neutral forums like this and see what others have experienced in terms of support and timeliness of resolution to issues.
If you are willing to pay for support, there are companies that provide commercial support for open source projects, like OpenLogic as an example that could factor into your formula.
The only real way to evaluate the community is to try it, participate in the community. Most communities will have good support networks available in one manner or another. Also many individuals are starting to offer support services for the various frameworks as well, for those looking for a more dedicated resource for problem resolution.
But I find the best way is to just get in there, ask a few questions, poke around at the resources, and really see what is there.