1450-Add Contrib First documentation. #1451
Conversation
|
Potential file addition - missing nav update
|
swirtSJW
changed the title
|
@dmundra Sorry. Can you take another look? I added two new sections. |
swirtSJW
force-pushed
the
1450-Add-contrib-first
branch
from
2c6bd98
to
d6cdc56
Compare
| - **Avoiding the gift that never happens** - Clients are not typically supportive of taking working local software that was already built for them and in use by them and then paying to move or refactor that software to be open source. The benefit is too small for the cost. By building it as contributed code first, there is no extra cost. | ||
| - **Development happens in the open** - The issue are public. The commits are public. Everyone can contribute. | ||
|
|
||
| ## Contrib first patches |
There was a problem hiding this comment.
This is pretty Drupal specific language - it would be nice to write this in more general terms (using Drupal as an example, or translating terms etc) as contribution to all the many FOSS projects we use should be our goal.
There was a problem hiding this comment.
Good point. It does make a fare amount of assumptions related to Drupal. I wanted this to be the reference specifically for Drupal that I could point to, mainly because the whole issue queue and contrib credit does not really exist elsewhere. What if doubled down on making this one section Drupal specific and then added another section that was more agnostic for other FOSS contributions?
swirtSJW
force-pushed
the
1450-Add-contrib-first
branch
from
502d214
to
0fb1326
Compare
practice-areas/engineering/drupal/drupal-contrib-first-module-development.md
Outdated
Show resolved
Hide resolved
...ce-areas/engineering/drupal/drupal-developer-tips-for-getting-the-most-out-of-open-source.md
Outdated
Show resolved
Hide resolved
practice-areas/engineering/drupal/drupal-contrib-first-module-development.md
Outdated
Show resolved
Hide resolved
practice-areas/engineering/drupal/drupal-contrib-first-module-development.md
Outdated
Show resolved
Hide resolved
| ## Rationale for contrib first | ||
|
|
||
| - **Fiscal responsibility** - Building it and contributing it means that other government agencies will never have to pay to build the same thing twice. This helps agencies comply with Federal Source Code Policy: Achieving Efficiency, Transparency, and Innovation through Reusable and Open Source Software [OMB Memorandum M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) | ||
| - **Reusability** - CivcActions other clients can benefit from work that was already done. |
| ## Rationale for contrib first | ||
|
|
||
| - **Fiscal responsibility** - Building it and contributing it means that other government agencies will never have to pay to build the same thing twice. This helps agencies comply with Federal Source Code Policy: Achieving Efficiency, Transparency, and Innovation through Reusable and Open Source Software [OMB Memorandum M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) | ||
| - **Reusability** - CivcActions other clients can benefit from work that was already done. |
There was a problem hiding this comment.
What about broadening this to non-federal, non-CivicActions users - e.g. "CivicActions other clients and the public at large can benefit"
|
|
||
| - **Fiscal responsibility** - Building it and contributing it means that other government agencies will never have to pay to build the same thing twice. This helps agencies comply with Federal Source Code Policy: Achieving Efficiency, Transparency, and Innovation through Reusable and Open Source Software [OMB Memorandum M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) | ||
| - **Reusability** - CivcActions other clients can benefit from work that was already done. | ||
| - **Security** - contributing our work to an open source project like Drupal means it may receive security coverage by the Drupal security team and the public. |
There was a problem hiding this comment.
Security coverage (at least in terms of Drupal) doesn't actually lead to detection of any new security issues - it's focus is really only on coordinating fixes (completed by project maintainers) for issues that are reported by external users and then notifying other users.
This is a benefit of course, but I am not sure it necessarily adds security on it's own. I would consider starting out with the "many eyes" argument. Essentially, by having many users it's more likely that security vulnerabilities will be detected over time (if it remains private, this is much less likely). Combining this with vulnerability reporting/notification infrastructure (like Drupal, but NVD is also a great example) you get the benefit of a more secure site with minimal additional effort.
There was a problem hiding this comment.
I adjusted this to include that.
swirtSJW
force-pushed
the
1450-Add-contrib-first
branch
from
2f3e59c
to
2d49f39
Compare
swirtSJW
dismissed
grugnog’s stale review
The requested changes have been made.
swirtSJW
force-pushed
the
1450-Add-contrib-first
branch
from
1216b50
to
9e32d83
Compare
swirtSJW
force-pushed
the
1450-Add-contrib-first
branch
2 times, most recently
from
1d6e550
to
5fa0ed2
Compare
swirtSJW
force-pushed
the
1450-Add-contrib-first
branch
from
97b43ec
to
4920877
Compare
for more information, see https://pre-commit.ci
#1450
📚 Documentation preview 📚: https://civicactions-handbook--1451.org.readthedocs.build/en/1451/