GitHub has recently released a set of guides and tools to assist businesses in setting up their own open source program office (OSPO). The GitHub-OSPO repository is focused on businesses in the early stages of establishing their initial OSPO and provides guidance on everything from contributor license agreements to archiving repositories. The goal is to help small-scale open source projects grow into being more organized and significant.
Open source software is becoming increasingly prevalent in the modern technology stack, spanning a wide range of areas such as cloud computing, databases, servers, and supercomputers. Many companies are now choosing to open-source their internal projects to encourage industry buy-in and public participation. However, managing open source componentry, compliance, security, and licensing obligations can be a significant challenge. The OSPO is now existing as a necessary part of the modern business organization, explaining what might formerly have been an assemblage of employees in various departments and duties.
At a time when some large companies such as Microsoft and Spotify have discovered OSPOs, many other organizations begun to back them as well. For example, the Dutch Government announced it was starting to use an OSPO after the World Health Organization launched its own OSPO last year. Goldman Sachs opened its OSPO even earlier, back in 2021.
Furthermore, the U.S. Securing Open Source Software Act, suggested a rule which came out in response to the Log4Shell security flaw that aimed on enhancing the security of open source software in government systems. This involves principles for vulnerability revelation, software bill of materials, and OSPOs` implementation within federal agencies.
In GitHub's Octoverse report it was mentioned that 30% of top 100 companies already have set-up OSPOs. GitHub hopes to support the flow of interest in OSPOs by providing their internal policies and tools as a blueprint for others to follow.
GitHub's OSPO repository for all businesses gets a big recognition among diverse companies that have already set up the OSPO. Its features can increase companies’ effectiveness and scale in general.
