Producing Open Source Software

How to Run a Successful Free Software Project

Karl Fogel


This book is dedicated to two dear friends without whom it would not have been possible: Karen Underhill and Jim Blandy.

Table of Contents

Why Write This Book?
Who Should Read This Book?
1. Introduction
The Rise of Proprietary Software and Free Software
Conscious resistance
Accidental resistance
"Free" Versus "Open Source"
The Situation Today
2. Getting Started
Starting From What You Have
Choose a Good Name
Own the name in the important namespaces
Have a Clear Mission Statement
State That the Project is Free
Features and Requirements List
Development Status
Development status should always reflect reality.
Version Control and Bug Tracker Access
Communications Channels
Developer Guidelines
Availability of documentation
Developer documentation
Demos, Screenshots, Videos, and Example Output
Choosing a License and Applying It
The "Do Anything" Licenses
How to Apply a License to Your Software
Setting the Tone
Avoid Private Discussions
Nip Rudeness in the Bud
Practice Conspicuous Code Review
Case study
Be Open From Day One
Waiting Just Creates an Exposure Event
When Opening a Formerly Closed Project, be Sensitive to the Magnitude of the Change
3. Technical Infrastructure
What a Project Needs
Web Site
Canned Hosting
Choosing a canned hosting site
Hosting on fully open source infrastructure
Anonymity and involvement
Mailing Lists / Message Forums
Choosing the Right Forum Management Software
Spam Prevention
Identification and Header Management
The Great Reply-to Debate
Mailing List / Message Forum Software
Version Control
Version Control Vocabulary
Choosing a Version Control System
Using the Version Control System
Version everything
Use branches to avoid bottlenecks
Singularity of information
Receiving and reviewing contributions
Pull requests
Review systems
Commit emails
Bug Tracker
Interaction with Email
Pre-Filtering the Bug Tracker
IRC / Real-Time Chat Systems
IRC Bots
Commit Notifications in IRC
Archiving IRC
RSS Feeds
Wikis and Spam
Choosing a Wiki
Q&A Forums
Social Networking Services
4. Social and Political Infrastructure
Benevolent Dictators
Who Can Be a Good Benevolent Dictator?
Consensus-based Democracy
Version Control Means You Can Relax
When Consensus Cannot Be Reached, Vote
When To Vote
Who Votes?
Polls Versus Votes
Writing It All Down
Joining or Creating a Non-Profit Organization
5. Money
Crowdfunding: Kickstarter, etc
Types of Corporate Involvement
Hire for the Long Term
Case study
Appear as Many, Not as One
Be Open About Your Motivations
Money Can't Buy You Love
Review and Acceptance of Changes
Case study: the CVS password-authentication protocol
Funding Non-Programming Activities
Quality Assurance (i.e., Professional Testing)
Legal Advice and Protection
Documentation and Usability
Funding User Experience (UX) Work
Providing Hosting/Bandwidth
Providing Build Farms and Development Servers
Sponsoring Conferences, Hackathons, and other Developer Meetings
Remember That You Are Being Watched
Case study: You can't fake activity, so don't try
Don't Bash Competing Open Source Products
Hiring Open Source Developers
6. Communications
You Are What You Write
Structure and Formatting
Recognizing Rudeness
Avoiding Common Pitfalls
Don't Post Without a Purpose
Productive vs Unproductive Threads
The Softer the Topic, the Longer the Debate
Avoid Holy Wars
The "Noisy Minority" Effect
Difficult People
Handling Difficult People
Case study
Handling Growth
Conspicuous Use of Archives
Treat all resources like archives
Codifying Tradition
Choose the Right Forum
Cross-Link Between Forums
Announcing Security Vulnerabilities
Receive the report
Develop the fix quietly
CVE numbers
Distribute the fix publicly
7. Packaging, Releasing, and Daily Development
Release Numbering
Release Number Components
The Simple Strategy
The Even/Odd Strategy
Release Branches
Mechanics of Release Branches
Stabilizing a Release
Dictatorship by Release Owner
Voting on Changes
Managing collaborative release stabilization
Release manager
Name and Layout
To capitalize or not to capitalize
Compilation and Installation
Binary Packages
Testing and Releasing
Candidate Releases
Announcing Releases
Maintaining Multiple Release Lines
Security Releases
Releases and Daily Development
Planning Releases
8. Managing Volunteers
Getting the Most Out of Volunteers
Distinguish clearly between inquiry and assignment
Follow up after you delegate
Notice what people are interested in
Praise and Criticism
Prevent Territoriality
The Automation Ratio
Automated testing
Treat Every User as a Potential Volunteer
Meeting In Person (Conferences, Hackfests, Code-a-Thons, Code Sprints, Retreats)
Share Management Tasks as Well as Technical Tasks
"Manager" Does Not Mean "Owner"
Patch Manager
Translation Manager
Documentation Manager
Issue Manager
Choosing Committers
Revoking Commit Access
Partial Commit Access
Dormant Committers
Avoid Mystery
Handling a Fork
Initiating a Fork
9. Open Source and the Organization
Review Your RFI, RFP and Contract Language
Get the Lawyers Involved Very Early or Very Late
Dispel Myths Within Your Organization
Foster Pools of Expertise in Multiple Places
Decouple Publicity Events from Project Progress
Establish Contact Early with Relevant External Communities
Have a Plan to Handle Negative Reactions
The Key Role of Middle Management
Governments and Open Source
Being Open Source From Day One is Especially Important for Government Projects
The Open Government / Open Data Community
10. Legal Matters: Licenses, Copyrights, Trademarks and Patents
Aspects of Licenses
The GPL and License Compatibility
Legal Diligence: What to Check Before You Release
Choosing a License
The GNU General Public License
The "or any later version" Option: Future-Proofing the GPL.
The GNU Affero GPL: A Version of the GNU GPL for Server-Side Code
Is the GPL free or not free?
Contributor Agreements
Doing Nothing
Contributor License Agreements
Proprietary Relicensing Schemes
Problems with Proprietary Relicensing
Case study: Mozilla Firefox, the Debian Project, and Iceweasel
Case study: The GNOME Logo and the Fish Pedicure Shop
Further Resources
A. Canned Hosting Sites
B. Obsolete Appendix (was: Free Version Control Systems)
C. Obsolete Appendix (was: Free Bug Trackers)
D. Obsolete Appendix: (was: Why Should I Care What Color the Bikeshed Is?)
E. Obsolete Appendix (was: Example Instructions for Reporting Bugs)
F. Copyright