Managing open source software: lessening the load for developers

Evaluating open source projects and repositories is a time-consuming and unreliable process that can be greatly improved by an intelligent platform approach

Selecting open source software (OSS) solutions instead of implementing proprietary solutions with similar functionality has been proven to generate significant benefits for enterprises. In fact, Red Hat's recent State of Enterprise Open Source report found that 75 per cent of IT leaders consider enterprise open source to be very important, and 77 per cent plan to increase their use of OSS within the next 12 months.

Yet development teams are often faced with the time-intensive task of deciding amongst the myriad OSS projects available online to use in their own applications and platforms. Issues can easily arise when deciphering whether certain OSS meets the required criteria for adoption in terms of quality, maturity, activity of development, and user support.

The high workloads of today's development teams, coupled with the increasing pressure of tight internal deadlines, means that simplifying this OSS management challenge should be a key priority as enterprises settle into the ‘new normal'.

Why choose OSS?

OSS is provided under licences that allow users to study, change and improve the software for free. Importantly, while the majority of OSS can be downloaded at no charge, it still incurs running costs including storage and computing power, as well as costs related to training and maintenance. However, with a significantly lower cost of ownership than proprietary products, OSS is an attractive cost-saving option for enterprises - with the Red Hat report revealing that cost reduction was the main reason for the enterprise adoption of open source.

Avoiding vendor lock-in is another key benefit for choosing open source, as users are less likely to become tied to a specific vendor than if they implement commercial, proprietary software. Since it is by nature closed, a lot of proprietary software may be incompatible with the data formats and systems of other vendors, which leads to challenges with integrating systems. In contrast, OSS developers are committed to establishing interoperability, which has positive financial and technical implications.

The community involvement in OSS is another distinguishing feature, with the leading open source projects offering continuous support both in answering user questions and repairing and maintaining the code. In extension, the collaborative aspect of open source can be a key driver of innovation within an organisation, sparking creativity amongst development teams, greater levels of productivity, and a vibrant, engaged culture.

The challenges with managing OSS

While the advantages of open source are clear, it can be a challenge for development teams when it comes to selecting OSS to use in their applications or platforms. This is a complex and extensive process which involves several key considerations, and can be further complicated by the fact that the level of quality and support differs between OSS projects.

Accurately assessing the risks and benefits of adopting an OSS project requires analysing four main sources of information. Firstly, development teams need to look at source code repositories to pinpoint how actively the code is developed. Secondly, they need to explore its communication channels including newsgroups, forums and mailing lists to ensure that user questions are answered quickly and in a satisfactory manner. Thirdly, inspecting the project's bug tracking system is important for understanding security posture. And lastly, other metadata such as the licence(s), the number of downloads, and its release history needs to be carefully taken into account.

OSS projects vary widely in quality and support, which makes the assessment process more time consuming. While many projects are high quality and surrounded by a community of engaged developers and users, in some cases, the team responsible for a project will not put as much time into its development, maintenance and support. In others, the project may have been discontinued altogether. What's more, the software can be lacking documentation, or the source code could potentially contain little or low-quality comments, making studying and maintaining it incredibly difficult. In addition, while the community involvement in OSS is a key benefit, this is sometimes limited and questions and defects can be handled very slowly or not at all.

A platform to simplify OSS management

In response to this challenge, the EU, alongside The Open Group, researchers, software developers, and open source forges have come together via the Developer-Centric Knowledge Mining from Large Open-Source Software Repositories (CROSSMINER) project to create a platform aimed at examining the programming code and interactions surrounding OSS projects - in turn, simplifying the open source management process for developers.

By extracting detailed knowledge using code analysis tools and Natural Language Processing, the CROSSMINER platform aims to help software engineers in developing and maintaining products and services based on freely available OSS technologies. Newer and more robust analysis and mining techniques go far beyond the code to evaluate how the project is evolving. The platform also alerts developers to dependencies and cross-project relationships to reduce costs and time in developing and maintaining new products and services that exploit open source technologies.

There is no doubt that the use of OSS solutions can drive a competitive business advantage, boosting productivity, cutting costs and allowing for constant collaboration through the wider involvement of the community. To fully reap the rewards of open source, however, it is crucial that development teams are set up for success when it comes to selecting and managing OSS projects, freeing up time for innovation and boosting business outcomes as a result.

David Lounsbury is chief technical officer at The Open Group