How to Work Better With the Open-Source Community

Open-source code is ubiquitous these days, and it is hard to find a better deal than a high-quality, free implementation of a component with a thriving and innovative community surrounding it.

It’s no wonder that by 2012 more than 80 percent of commercial software development projects will include open-source components, according to Gartner. We think even that is conservative — most of the other 20 percent are probably using open-source without realizing it.

But incorporating open-source components isn’t as free or as effortless as it might seem. It’s easy enough to download, build, and integrate most open-source software. Only later does it become apparent that working with open-source requires a different way of working in order to manage risks and efficiently incorporate ongoing changes, a process that I discussed in my previous post, Liabilities of the Expanding Software Supply Chain. We’ve been working with more than 260 open-source projects since 2006 to help them find and fix software defects through our Coverity Scan initiative. Here are some of the lessons we’ve learned:

1. Build individual relationships with developers on critical projects. Successful open-source projects rely on a network of developers bound by a common passion. If an open-source component plays a critical role in your infrastructure, it pays to have developers on your team play the role of ambassadors to the open-source community. This helps build sustained relationships, which can be helpful in getting faster assistance and a higher level of support. Relationships with de facto project leads and active contributors can result in added influence over the direction of a project. But beware: These relationships take time and effort to build, and expecting too much can lead to problems.

2. Contribute back to the community and take responsibility for a neglected area that you need. Open-source projects are usually very welcoming of contributions, whether they are defect patches, improved documentation, tests and testing infrastructure, or contributed code for new features. If an open-source component does almost all of what you need, consider adding to it to make it do what you want. The costs are likely to be much lower than starting from scratch, and the community will be grateful if you take the time to package the contribution cleanly and test and document it. Contributing back is the best way to build relationships.

3. Collaborate in bite-sized chunks. Back when we first started contributing defect reports to the Linux kernel community, we expected that they would be more impressed with more defects. But soon we found the opposite was true. If we sent out a large list of 100 defect reports, they were largely ignored. But if we sent out three to five at a time, we got instantaneous responses, and usually the defects were fixed within a day or two. We’ve found that regular, smaller contributions are easier for many open-source projects to digest. It results in closer collaboration and a common understanding of the goals of a change and the technical issues encountered along the way. Often, involving the community in the intermediate steps along a path results in less opposition when you arrive at the destination.

These are just three of the basic lessons we’ve learned, and there are many more. What has worked well for you in collaborating with the open-source community?

17 comments on “How to Work Better With the Open-Source Community

  1. Ariella
    March 17, 2011

    Good tips here.  The last one is very telling about human nature.  Too many items to deal with can be so overwhelming that one ignores them all. In contrast, smaller amounts appear more managable and so are more likey to be addressed.

  2. AnalyzeThis
    March 17, 2011

    Open-source is indeed here to stay, but a common complaint you still hear about it is, “well, if something goes wrong, there's no place to turn to for support, there's no SLA!”

    But that isn't even completely true.

    There are companies out there — I'm thinking specifically of credativ — that will provide support, project management, and consulting services for open source software of all sorts. Many of the people on their staff are already actively involved as developers on various distributions, which is potentially very beneficial for numerous reasons (no need to spend time building new relationships yourself, for instance).

    So there are plenty of different ways to interact and successfully work with open source. It's not the Wild Wild West.

  3. Wale Bakare
    March 17, 2011

    DennisQ thanks for your addition. Main aspect of open source projects that needs addressing is managment. How best can most commercial organisations make use of open source component reusable?

    Unimpressively my experience on open source material cost my organisation time and money . Search, download and build theoritically easy but debugging might sometimes quiet difficult. Also remodification of someone's else codes takes lenght of time than developing new code from the scratch.

    If as suggested in the article be in collaboration with open – source project developers could make difference that might be also better for especially for evolving software project developments in critical applications.


  4. itguyphil
    March 17, 2011


    That is a question that I hear all the time. The resources are great until something goes wrong and you're stuck with Google for a solution.

    You are correct about the support options (I know people that make a living supporting many open-source initiatives). The only problem with that is the cost. Many people that use open source do so because more often than not, it doesn't cost them, anything. So they get the false expectation that there will be no costs involved with using the product. Then when they do hit the exception/page cannot be found, they get freaked out that they have to pay someone to figure it out (that's when people curse open source).

    So it's all about understanding the products limitations and having the right expectations when diving into the open source pool.

  5. DataCrunch
    March 17, 2011

    Open source can be very beneficial to organizations, but let’s not assume it’s free.  For instance, take Linux, which is open source.  Sure you can download a variety of open source linux community edition versions and install for free, but corporations that embrace Linux are typically going to buy a packaged enterprise linux version, like Red Hat.   

  6. itguyphil
    March 17, 2011

    Yes. But that's because they have the people and resources to do their homework and anticipate the issues that will arise. I am referring to the small and midsize business that have small (if not outsourced) IT departments and run to install Linux (Ubuntu or CentOS) because it's free and can run the proprietary database application.

    Those are the people that spam the forums and message boards.

  7. mfbertozzi
    March 18, 2011

    Dave, keeping exactly your clear example and keeping in mind what happened also about other platforms (plz lemmi dont mention them) I was thinking open-community is potentially one of the best sales strategy…(?)

  8. DataCrunch
    March 19, 2011

    It’s been a while since I heard any hype about desktop Linux.  I do hear about Linux more when it comes to server implementations, but rarely desktop anymore.   Those looking for an alternative to Microsoft are now migrating towards Apple’s Mac.  Both of which are not open source.   

  9. t.alex
    March 19, 2011

    Point number 3 is so true. This reflects the motto “Release early, release often” that's often heard among open-source communities. Beta-testers who are also developers really help push the product to achieve good quality.

  10. Anand
    March 20, 2011

    @Dave True, there is not much hype about Desktop Linux these days. I remember 15 years back installing Linux on you desktop was big thing, because installing   drivers for Keyboard, Network card, Screen was very difficult. But these days its pretty straight forward. Am not sure why people lost interest in Linux based desktops.

  11. Nemos
    March 20, 2011

    Αmazing and very interesting responses from the readers, and giving the sense that Open source community has a long and promising way to go .

    I would like to mention that we shouldn't use the open source implements to reduce our software developing costs , and of course takes time for searching if you want to use open source code . But we should use open source community if we want to improve our software.

  12. Ashu001
    March 21, 2011


    Great post!! You dealt with most of the issues that we fave everyday in the Opensource community.

    The best part of your post was this line here,

    Relationships with de facto project leads and active contributors can result in added influence over the direction of a project.”

    Why was this line key?Its because you need responsibility to run and control a project.Its not good enough having hundreds of contributors contributing like Ants if there is'nt a Queen Bee/Mother Ant controlling the strings of the entire project.That's precisely what Project Leads and Active contributors tend to do.

    As someone who has been an active contributor of Dozens of Open source projects over the years this is the key takeaway point.Even orphaned software projects can get a tremendous push if someone is willing to take the responsibility and show enthusiasm for the project.



  13. Hardcore
    March 21, 2011

    I have worked on and am still working with the Linux kernel, point 3 is indeed critical, in fact the ideal way (and the way the developers prefer )is actually file one problem as an individual bug.

    The advantage is that one bug can then be taken up by one developer, without the need to worry about other developers conflicting on the work, once you get to more than a few bugs , it then requires someone to 'manage' the bug list , over who is doing what, or worse still takes a developers time to split the list up and file each item separately.

    so it is not surprising that a larger list would be 'bounced', consider that whilst developers are dealing with paperwork, they are not fixing bugs.

    One issue I have found with open source and  some China/Asian companies, is that they flatly refuse to give back to the community and yet they are quite happy to push others to abide by the 'open source rules', further to this , there is actually a number of China based companies that remove copyright notices and program details from what is supposed to be  open-source code.

    This is currently very prevalent in most if not all of the Tablet and phone makers in ShenZhen South China.

    I spoke to one company as regards to getting access to 'their' source, and yet they were fairly aggressive in demanding the release of code I myself was working on for the linux kernel, specifically because it related to embedded devices and would allow them to leapfrog their competitors.

    Unfortunately  many companies are not playing by the rules as regards open-source.

  14. hwong
    March 22, 2011

    @hardcore – Yes. I can totally see the freerider problems in the opensource realm. But this is not just a problem in China or Asia. It's everywhere. There really isn't much that we can do about the freeriders. But when they develop something and tries to sell it, they cannot “patent” or “license” it since it's open source code. That would be illegal. The laws should enforce strict rules to catch that if they attempted to do that.

    That said, freefriding is omnipresent everywhere in open source community. Take for example discussion Forum such as “buying deals”. There will always be people more willing to contribute their ideas in the forum and some willl just keep absorbing the tips but never contribute. Yet having this forum will still be better than having none. Because at the end of the day, more people buy the discounted products and will stimulate the growth of the economy.

  15. AnalyzeThis
    March 22, 2011

    @anandvy I think people were more interested in desktop Linux back when Windows wasn't very good.

    But starting with Windows XP, those complaints kind of went away. And time has proven that Windows XP desktops have been far easier to maintain, long-term, than Linux.

    And then there are the security/compatibility/ease-of-use/software issues…

    I do agree that in a way it doesn't make sense that Linux on the desktop isn't really a topic anymore especially considering so many apps are in the cloud anyway, but given how happy most admins/users are with Windows these days it's just kind of a moot point.

  16. t.alex
    March 25, 2011

    Nemos, you bring up another interesting point. That is relying on opensource doesn't mean free software development cost. In fact in some cases, the cost may be higher due to the complexity and lack of information. However, tapping from opensource community proves to be useful in most cases.

  17. hwong
    May 19, 2011

    The whole idea is that if everybody contributes back to the community, then alot more productivity will be produced as a result. It's like everyone helping to build a house rather than 1 person working on it for a LONG time

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.