Three perspectives from FOSS Backstage

As a community manager, I find FOSS Backstage to be one of my favorite conferences content-wise and community-wise. This is a conference that happens every year in Berlin, usually in early March. It’s a great opportunity to meet community leaders from Europe and across the world with the goal of fostering discussions around three complementary perspectives: a) community health and growth, b) project governance and sustainability, and c) supply chain compliance and security.

Community health and growth

While there were several interesting talks, one of the highlights of the “Community health and growth” track was Tom “spot” Callaway’s talk embracing your weird: community building through fun & play. Tom shared some really interesting ideas to help members bond together: a badge program, a candy swap activity, a coin giveaway, a scavenger hunt, and a karaoke session.

FOSS Backstage this year was special because I got to finally meet 3 members from the ClearlyDefined community who have given a new life to this project: E. Lynette Rayle and Lukas Spieß from GitHub and Qing Tomlinson from SAP. While we did not go into a scavenger hunt or a karaoke session (that would have been fun), we spent most of our time during the week having lunch and dinner together, watching talk sessions together, networking with old and new acquaintances, and even going for some sightseeing in Berlin. This has allowed us to not only share ideas about the future of ClearlyDefined, but most importantly to have fun together and create a strong bond between us.

Please find below a list of interesting talks from this track:

• Dr. Wolfgang Gehring: a journey to inner source
• Tom “spot” Callaway: embracing your weird: community building through fun & play
• Kyle J. Davis: how you write matters in Open Source
• Bertrand Delacretaz: distributed teams that actually work!
• Carmen Delgado: how contribution programs benefit mentors and participants
• Celeste Horgan: more than developers: growing your maintainer community
• Brian Proffitt: measuring the impact of community events
• Divya Mohan: navigating the gold rush: of influencer economies and FOSS
• Zainab Daodu, Omotola Enice Omotayo: docs for all: improving Open Source accessibility
• Mayank Jindal: Open Source inclusivity: empowering newcomers

Project governance and sustainability

In last year’s FOSS Backstage, I had the opportunity to meet Thomas Steenbergen for the first time. He’s the co-founder of ClearlyDefined and the OSS Review Toolkit (ORT) communities. Project governance and sustainability is something Thomas deeply cares about, and I was honored to be invited to give  a talk together with him for this year’s conference.

Our talk was about aligning wishes of multiple organizations into an Open Source project. This is a challenge that many projects face: oftentimes they struggle to align wishes and get commitment from multiple organizations towards a shared roadmap. There’s also the challenge of the “free rider” problem, where the overuse of a common resource without giving back often leads to the tragedy of the commons. Thomas shared the idea of a collaboration marketplace and a contributor commitment agreement where organizations come together to identify, commit, and implement a common enhancement proposal. This is a strategy that we are applying to ORT and ClearlyDefined.

Our slides are available here.

Please find below a list of interesting talks from this track:

• Dawn Foster: a strategic approach to assessing viability of OSS projects
• Ruth Cheesley: changing the governance model of an established project
• Rich Bowen: talking with management about Open Source
• Schlomo Schapiro, Gratien Dhaese: why is there no new release? Nobody pays for the basics
• Giacomo Tenaglia: CERN’s Open Source Program Office
• Per Ploug Krogslund: has Open Source outgrown the OSPO?
• Tarus Balog: adventures with Open Source business models
• Dirk Gernhardt, Klaus Mueller: Open Source excellence: Munich’s journey towards public code
• Paloma Oliveira, Fiona Krakenbuger, Lina Bocker, Thomas Steenbergen: freedom vs sustainable business: a candid necessary debate
• Shane Curcuru: who funds FOSS foundations?
• Dawn Wages: success through a thousand emails: fundraising and outreach
• Peer Heinlein, Daniel Zielke: the cuckoo in bidding: when manufacturer loses to itself
• Nick Vidal, Thomas Steenbergen: aligning wishes of multiple orgs into an Open Source project

Supply chain compliance and security

Under the “supply chain compliance and security” track, I was happy to watch a wonderful talk from my friend Ana Jimenez Santamaria entitled looking at Open Source security from a community angle. She has been leading the TODO Group at the Linux Foundation for quite a few years now, and it was interesting to learn how they are helping OSPOs (Open Source Program Offices) to create a trusted software supply chain. Ana highlighted three takeaways:

• OSPOs integrate Open Source in an organization’s IT infrastructure.
• Collaboration between employees, Open Source staff, and security teams with the Open Source ecosystem offers a complete security coverage across the whole supply chain.
• OSPOs have the important mission of achieving digitalization, innovation and security in a healthy and continuous way.

Please find below a list of interesting talks from this track:

• Melanie Rieback: when business models are conflicting with security
• Ana Jimenez Santamaria: looking at Open Source security from a community angle
• Mirko Boehm: EU cybersecurity regulation and Open Source governance
• Fukami: FOSS and security risk management
• Lina Bocker, Angelika Wittek: Open Source contributions in today’s world
• Petteri Kivimaki: automating Open Source license compliance

Bonus: Open Source AI

Nowadays, no conference would be complete without at least one talk about Artificial Intelligence, so Frank Karlitschek’s keynote what the AI revolution means for Open Source and our society was very welcome! Frank demonstrated that Open Source AI can indeed compete with proprietary solutions from the big players. He presented Nextcloud Assistant that runs locally, and that can be studied and modified. This assistant offers several exciting features: face recognition in photos, text translation, text summarization, text generation, image generation, speech transcript, and document classification –  all this while preserving privacy.

It’s worth pointing out that the Open Source Initiative is driving a multi-stakeholder process to define an “Open Source AI” and everyone is welcome to be part of the conversation.

Conclusion

I had a wonderful time at FOSS Backstage and I invite everyone interested in community, governance, and supply chain to join this amazing event next year. I would like to thank the organizers who work “backstage” to put together this conference. Thank you Paul Berschick, Sven Spiller, Alexander Brateanu, Isabel Drost-Fromm, Anne Sophie Riege, and Stefan Rudnitzki. A special thanks also to the volunteers, speakers, sponsors, and last but not least to all attendees who made this event special.

If you are interested in Open Source supply chain compliance and security, I invite you to learn a bit more about the ClearlyDefined and the ORT communities. Be sure to check out my report from the ORT Community Days.