Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Open Source Compliance at Twitter  Philosophy, Governance and Best Practices            Chris Aniszczyk (@cra)     Open Co...
Agenda     Introduction and Brief History         Open Source at Twitter         Philosophy and Culture    War Stories and...
What is Twitter? “Instantly connect peopleeverywhere to what is most   meaningful to them...”
2006: A simple idea...
2008: Growing Pains
2009... Crazy Growth
BTW, Japan holds TPS Record!
BTW, Japan holds TPS Record!  Miyazaki  25,088 TPS
2010+: Build a company!
Now: Growth Continues...140M+ Active Users400M+ Tweets per Day33+ Languages Supported1300+ Employees Worldwide50% Employee...
Open Source at Twitter  We run and depend on it
Twitter Runs on Open Source
Engineers ran the asylum...
Code dumping happens...
Open Source Office  "The Open Source Office directs all open source efforts(compliance, data and standards) at Twitter and...
Created Open Source Office in 2011
Open Source Review Process  Simple, Comfortable and Audit-able    Tools built on “JIRA Workflows”
Where? Default to GitHub                   Also see http://twitter.github.com
Licensing Guidelines: Outbound We prefer liberal licenses for adoption    Default to APLv2 in most cases   Prefer MIT lice...
Licensing Guidelines: Inbound      OSI Certified Licenses Only List of Approved and Banned Licenses         Motto: Trust bu...
Development Guidelines                           Documentation         README, LICENSE, CHANGELOG, ROADMAP, NOTICE, CONTRI...
Philosophy and Culture“Default to open, think about what to keep closed that defines your          secret sauce...”
Open Source Philosophy
Why?7 reasons we do it
Community FeedbackMore usage translates into more bug reports andfeature improvements. This translates into morestable cod...
Attract TalentSmart engineers like to hang out with other smartengineers. Quality code will attract other smartengineers t...
Better HiringWhat better way to find candidates than the ones  who contribute to your open source projects?Consider this t...
Retain TalentGreat engineers like working in the open and showing off their work. Sure, this may makethem attractive to ot...
Reduce DuplicationWhen you open source code, there’s a chance thatsomeone on the inside or outside will let you know it’s ...
Modularization When open sourcing internal code (especially if itwas part of a larger code base), you tend to break   it a...
The Right Thing To Do   These days, it’s very difficult to build anythingwithout benefiting from open source code in some ...
War StoriesSome stories and lessons learned  from the open source office
Story 1: Bootstrap    The legacy of GPLv2       License: APLv2github.com/twitter/bootstrap
Lesson Learned?  Liberal license helped spur adoptionDrupal, Wordpess, Jooma: GPLv2 legacy We made a mistake not choosing ...
Lesson Learned?Be diligent about communities whomay adopt your code even if using   liberal open source licenses
Story 2: Twemcache      The fun of forking...        License: BSDgithub.com/twitter/twemcache
Lesson Learned? Avoid forking if possible. If not,reach out to existing communitiesbefore moving forward and making       ...
Story 3: Clutch.IOM&A and open sourcing...     License: APLv2  github.com/clutchio
Lesson Learned?   Open sourcing code from an    acquisition could be a win,especially if you’re going to shut aservice dow...
Best PracticesWhat works for us...
Define Secret Sauce Don’t open source anything that represents a core  business value. Define your secret sauce sothere’s ...
Compliance in EngWhen’s the last time you heard engineers have funworking with lawyers? Treat open compliance asan enginee...
Facilitate Contributions Make it easy for engineers to contribute to outside projects with minimal bureaucracy.Setup simpl...
TransparencyMake decisions around open sourcing code as  transparent and accessible as possible. Awareness is great, you c...
Blessed Repositories    Have central repositories (e.g., Maven or      RubyGems) for approved open sourcelibraries. On top...
Collaborate   Join organizations such as FOSSology, OpenInvention Network (OIN) or SPDX. Work together with companies and ...
Measure Everything Establish metrics and measure yourselfagainst them. Otherwise, how can you know what’s going on and how...
Conclusion             Twitter ♥ Open Source  Open compliance is important. Establish aefficient open compliance process t...
Q&AThank you for listening!        @cra  zx@twitter.com
Open Source Compliance at Twitter
Upcoming SlideShare
Loading in …5
×

Open Source Compliance at Twitter

1,734 views

Published on

Published in: Technology
  • Be the first to comment

Open Source Compliance at Twitter

  1. 1. Open Source Compliance at Twitter Philosophy, Governance and Best Practices Chris Aniszczyk (@cra) Open Compliance Summit Asia 2012
  2. 2. Agenda Introduction and Brief History Open Source at Twitter Philosophy and Culture War Stories and Lessons Learned Best Practices Conclusion Q&A
  3. 3. What is Twitter? “Instantly connect peopleeverywhere to what is most meaningful to them...”
  4. 4. 2006: A simple idea...
  5. 5. 2008: Growing Pains
  6. 6. 2009... Crazy Growth
  7. 7. BTW, Japan holds TPS Record!
  8. 8. BTW, Japan holds TPS Record! Miyazaki 25,088 TPS
  9. 9. 2010+: Build a company!
  10. 10. Now: Growth Continues...140M+ Active Users400M+ Tweets per Day33+ Languages Supported1300+ Employees Worldwide50% Employees are Engineers100+ Open Source Projects1M+ LOC Open Source Code / Year
  11. 11. Open Source at Twitter We run and depend on it
  12. 12. Twitter Runs on Open Source
  13. 13. Engineers ran the asylum...
  14. 14. Code dumping happens...
  15. 15. Open Source Office "The Open Source Office directs all open source efforts(compliance, data and standards) at Twitter and supports all initiatives related to our engineering outreach and contributions to the broader software community."
  16. 16. Created Open Source Office in 2011
  17. 17. Open Source Review Process Simple, Comfortable and Audit-able Tools built on “JIRA Workflows”
  18. 18. Where? Default to GitHub Also see http://twitter.github.com
  19. 19. Licensing Guidelines: Outbound We prefer liberal licenses for adoption Default to APLv2 in most cases Prefer MIT license in front-end JS Compatible with respective community Clojure? EPL, NodeJS? MIT
  20. 20. Licensing Guidelines: Inbound OSI Certified Licenses Only List of Approved and Banned Licenses Motto: Trust but Verify Extra Scrutiny at Distribution Points Less Scrutiny Elsewhere... (NOTICE)
  21. 21. Development Guidelines Documentation README, LICENSE, CHANGELOG, ROADMAP, NOTICE, CONTRIBUTING Example code Communication There should be a mailing list, twitter account or a discussion forum Frequent Releases and Versioning Releases should be frequent and follow semantic versioning guidelines (http://semver.org) Deployment Releases should be easily consumable (e.g., available on maven central or rubygems)
  22. 22. Philosophy and Culture“Default to open, think about what to keep closed that defines your secret sauce...”
  23. 23. Open Source Philosophy
  24. 24. Why?7 reasons we do it
  25. 25. Community FeedbackMore usage translates into more bug reports andfeature improvements. This translates into morestable code and helps prevent costly issues appearing in production.
  26. 26. Attract TalentSmart engineers like to hang out with other smartengineers. Quality code will attract other smartengineers to move your company missions forward.
  27. 27. Better HiringWhat better way to find candidates than the ones who contribute to your open source projects?Consider this the best technical interview you can give a potential candidate. Plus it’s fun to look at their code in advance to review!
  28. 28. Retain TalentGreat engineers like working in the open and showing off their work. Sure, this may makethem attractive to other companies but these are the people you want anyway, trust me!
  29. 29. Reduce DuplicationWhen you open source code, there’s a chance thatsomeone on the inside or outside will let you know it’s been done in some way already. Embrace the new knowledge.
  30. 30. Modularization When open sourcing internal code (especially if itwas part of a larger code base), you tend to break it apart into smaller reusable and more maintainable pieces.
  31. 31. The Right Thing To Do These days, it’s very difficult to build anythingwithout benefiting from open source code in some fashion. Find ways to pay it forward as a “rising tide lifts all boats” in the industry.
  32. 32. War StoriesSome stories and lessons learned from the open source office
  33. 33. Story 1: Bootstrap The legacy of GPLv2 License: APLv2github.com/twitter/bootstrap
  34. 34. Lesson Learned? Liberal license helped spur adoptionDrupal, Wordpess, Jooma: GPLv2 legacy We made a mistake not choosing MITNow we’re migrating to MIT... it’s a PITA
  35. 35. Lesson Learned?Be diligent about communities whomay adopt your code even if using liberal open source licenses
  36. 36. Story 2: Twemcache The fun of forking... License: BSDgithub.com/twitter/twemcache
  37. 37. Lesson Learned? Avoid forking if possible. If not,reach out to existing communitiesbefore moving forward and making an announcement.
  38. 38. Story 3: Clutch.IOM&A and open sourcing... License: APLv2 github.com/clutchio
  39. 39. Lesson Learned? Open sourcing code from an acquisition could be a win,especially if you’re going to shut aservice down or do nothing with it.
  40. 40. Best PracticesWhat works for us...
  41. 41. Define Secret Sauce Don’t open source anything that represents a core business value. Define your secret sauce sothere’s a shared understanding that can guide company decisions. Embed this secret sauce within your culture and company.
  42. 42. Compliance in EngWhen’s the last time you heard engineers have funworking with lawyers? Treat open compliance asan engineering problem and have it live in the engineering organization with a well trained staff. Educate everyone. Balance risk and speed.
  43. 43. Facilitate Contributions Make it easy for engineers to contribute to outside projects with minimal bureaucracy.Setup simple guidelines and only be involved if legal issues come up (e.g., CLA)
  44. 44. TransparencyMake decisions around open sourcing code as transparent and accessible as possible. Awareness is great, you can also catch mistakes and duplication.
  45. 45. Blessed Repositories Have central repositories (e.g., Maven or RubyGems) for approved open sourcelibraries. On top of making life better for engineers, this makes it easier to scan for compliance.
  46. 46. Collaborate Join organizations such as FOSSology, OpenInvention Network (OIN) or SPDX. Work together with companies and individuals to tackle the problem of compliance.
  47. 47. Measure Everything Establish metrics and measure yourselfagainst them. Otherwise, how can you know what’s going on and how can you improve?
  48. 48. Conclusion Twitter ♥ Open Source Open compliance is important. Establish aefficient open compliance process that balances speed, risk and efficiency. Use or build tools to help make it easy and transparent.
  49. 49. Q&AThank you for listening! @cra zx@twitter.com

×