| layout | title |
|---|---|
| page.njk | Open Source Guide |
WIP - DRAFT
How x-Gov teams are approaching service standard point 12.
Based on discussions at the regular open source meet-up.
All contributions welcome! Fork this repo and PR.
Place to add or link to case studies...
List of useful tools
- Microsoft Software Bill of Materials (SBOM) tool
- GitHub self-service SBOMs
- Dependabot - GitHub dependency scanning
- Snyk - open source code security tool
- Backstage - framework for building service catalogues
- Kong - tooling for API catalogues
General:
- Quality through collaboration - developers can work together with other experts resulting in a higher quality product
- Security through visibility - opening up the source code allows developers around the world to find the security flaws and bugs in the code
- Promotes good practice - exposing code to the scrutiny of others encourages developers not to take shortcuts or use workarounds
- No vendor lock-in - using proprietary software can force businesses to continue relying on a product because they lack the flexibility and freedom to break free
- Cheaper - open source doesn’t mean free. Open source products will often sell support and training, or hosted solutions. However, these can be cheaper than proprietary licenses
- Continuous improvement mantra - open source developers often try to create products that are as useful to the community as possible, and are constantly trying to improve the software. Proprietary solutions serve the vendor, which may lead to prioritising features for big clients rather than the wider community
Specific to x-Gov:
- Our money, our code - public services are built with public money, so the code they’re based on should be made available for people to reuse and build on
- Don't repeat yourself - open source code can be reused by developers working in government, saving time and resources and reducing duplication of effort
- Keeping it simple and clear - publishing code in the open from the start encourages people to create better documentation and to structure the code more clearly, making it easier to maintain in the future
- Help others to help you - working in the open invites other developers across Government to make suggestions about how the code can be improved or where security can be improved