Core Concepts
The open source software (OSS) community, led by skilled developers known as "hackers", has developed advanced software development practices involving frequent releases and global collaboration. However, there are myths and misconceptions about the OSS community that need to be addressed to better understand its practices and apply them to improve employee experience (EX) in corporate software development.
Abstract
This report examines six common myths about the OSS community and evaluates their validity using data analysis and literature review. The key findings are:
Communication within the OSS community is not moderate, with developers responding to each other within 4 hours for about half of all communications, dispelling the myth of long communication intervals.
Contrary to the myth that the OSS community never sleeps, developer activity is concentrated during office hours in North America, suggesting a need to explore more asynchronous development methods.
While the OSS community is often perceived as quickly halting development, data shows that half of OSS projects are still active 4 years after adoption, highlighting the longevity of many OSS initiatives.
The myth that the OSS community is immune to security vulnerabilities is not entirely accurate, as it can take around 3 months to resolve some vulnerabilities, indicating the need for collaborative vulnerability management.
While most bug reports and feature requests in the OSS community are resolved within 2 weeks, a significant portion (at least 25%) take over 3 months, suggesting the importance of effective requirement triage.
The OSS community consists of developers with diverse roles, not just top-notch coders, providing insights for companies to foster inclusive software development practices.
The report concludes by discussing the key lessons that can be learned from the OSS community's development style and the challenges that need to be addressed to achieve better employee experience (EX) in corporate software development.
Stats
Median time interval for issue discussion is approximately 4 hours.
Median time interval for pull request resolution is less than 40 minutes.
Half of OSS projects are still active 4 years after adoption.
Median vulnerability resolution time is around 3 months.
Most bug reports and feature requests are resolved within 2 weeks, but at least 25% take more than 3 months.
Quotes
"Given enough eyeballs, all bugs are shallow."
"Treating your users as co-developers is your least-hassle route to rapid code improvement and effective debugging."