Leveraging InnerSource practices to drive external Open Source solutions
3:45 PM - 4:15 PM EST
For highly regulated companies, it can be a challenge contributing to open source communities. There are many regulations and challenges with security and data loss prevention to overcome. Furthermore, there are few products or technology solutions that enable easier open source contributions in highly regulated environments. Because all companies rely on critical open source software with security risks, the Fannie Mae OSPO created the open source Clean Dependency Project. The primary goal is to clean up critical dependencies with no “clean” versions available and contribute them to open source communities. The inverse of this is using InnerSource “Golden Patches” to bring these clean dependencies back inside of the companies firewall to be tested and distributed to multiple teams for consumption and contribution. Through leveraging this model of compliance and community management, we can drive success internally whilst still supporting the projects that we rely upon. The purpose of this talk is to show how InnerSource and Open Source forms a solid bond for secure, innovative and reliable development.