Session: Navigating Open Source Project Risk

Most decisions boil down to an assessment of risk and making tradeoffs, and decisions about whether to use or contribute to an open source project are no different. We don’t always spend enough time thinking about the risks associated with how we’re using open source projects. For example, if we build our business or products on top of an open source technology, we probably want to reduce our risk. On the other hand, if we are using an open source project as part of some non-critical part of our infrastructure, we can accept more risk.

This talk will:

  • Compare the risk between projects under neutral foundations vs. those owned by individual companies.
  • Provide details about how governance impacts risk for leadership selection, decision-making processes, and communication.
  • Evaluate business risk in terms of contributors and organizations to determine the level of risk associated with individuals or organizations leaving the project.
  • Discuss how certain behaviors within the community can increase or decrease the risk of using and contributing to a project.

The audience will walk away with practical advice about how to assess risk and evaluate projects for yourself or your organization while also learning about ways to decrease risk in your own projects.

Presenters: