Whenever you see an Open Source Program Office (OSPO) in a company, you can be pretty confident that it is going to have all manner of compliance folk, or that it is going to be full of technical program managers making sure that projects are executed on time or helping move inner source to outer source.
Unfortunately, this plan has not helped the open source projects that are core to everything we do every day become sustainable. We have seen multiple security incidents in Log4j, but when we look under the hood, it’s an overworked engineer on his own. This is not uncommon in open source.
And how do most companies think it can be solved? Money. Money is rarely what they need, but it can help.
In this talk, David will show how he took BrowserStack from not having an OSPO to having one that gives the key open source projects that we use the most precious resource for a project: time. That means engineering time to make sure that key problems are solved for everyone using the projects that are part of our bread and butter, without giving up on the compliance and legal aspects that tend to make up an OSPO.