Best Practices For Integrating Open Source Code In Commercial Enterprise Software
When we think of commercial enterprise software we generally think of private proprietary developed code that is owned by one company and licensed out to other companies to use and when we think of open source software we think of code that is open to the world, free and available to use by anyone. So, it seems almost ironic that we would be looking to merge these two fundamentally different approaches to software development into one piece of software.
However, just because it may blur the line between what is proprietary and what is open-source doesn't mean it should be done, and integrating open-source solutions into applications can have a massive benefit for any company.
Benefits of integration with open-source software
However, there are a lot of benefits for companies to look at integrating open-source code into their own proprietary solutions. These include:
Not needing to reinvent the wheel
A lot of effort can go into trying to solve various problems. This is exactly why developers get paid the amounts they do to help solve these different issues. However, not all solutions are necessarily worth the investment, especially if developers are investing large amounts of time writing code for problems that aren’t a core focal point of the application under development. An effort that has likely already been done by others and by utilizing these solutions, your developers can focus on solving bigger core issues that your software is intended for.
One of the challenges when writing proprietary code is ensuring that your software will integrate well with other common applications to make it easy for others to use your software. If there are common and popular open-source solutions that already provide this, then it makes sense for companies to utilize this code to ensure their final application plays well with the rest of the industry.
Making use of the best minds
Companies may not openly admit to this, but the smartest people in any given field are never in the same company. The truth is that intelligent minds are spread across all different companies and around the globe and when companies make use of different open-source components for their software, they get the benefit of the many bright minds that have worked on these applications, without needing to hire them directly.
Not having your development team need to build everything from scratch and use existing solutions in the final product, allows them to get a final solution faster.
Benefiting from Recent Advances
Software is constantly improving and it's difficult to keep up with all the latest trends. Especially in areas that aren't the specialty of the company itself. By utilizing open-source software in these areas, the company has the benefit of gaining from these latest software advances without needing to form deep expertise in them itself.
Upgrading internal developer skills
The spread of knowledge goes in many directions. Developers have already recognized that an effective way to learn and improve coding skills is through studying the practices of the best in the field. By having a company’s developers work with this code directly, they allow them to learn and improve their skill set and subsequently improve the skills of those around them.
Developer Recruitment and retention
Rightly or wrongly, there is a certain cool factor about working with open-source applications and the latest cutting-edge solutions that companies may not be able to provide internally. By following certain developers to work with open-source code that provides this, they can both improve their existing retention and make their company more attractive to the outside market from a recruitment perspective.
Best Practices to ensure smooth integration
So, it's clear that companies would want to look at making use of different open-source solutions in their final product, but there is a lot more to integrating with open-source software than merely copying and pasting code into your own repository.
Understand the legal implications
Firstly, open source code may appear to be free to simply use, but there is a legal agreement in place when you use it and it's important as a company to understand how and where the software can be used in a certain fashion and whether you can meet this legally. There will also need to be certain provisions written in a company’s own legal documentation that makes reference to the fact that they are using certain open source solutions and the respective credit to the owners of those projects made clear.
Open source is not always free
There is often a licensing requirement that is then attached to needing to use this software, though this is still often cheaper than the cost of developing a proprietary solution itself, so still, a decent option for a company to explore, even if the software is not essentially free.
Don't change for the open-source solution
Every company has specific software development practices and principles which they follow. Before integrating with any specific solution, they need to ensure that it meets these principles, so that teams don’t need to change their way of working just to better make use of this software.
This is especially true when it comes to programming language skills. Too often companies bring in open-source solutions written in a language that their developers don’t specialize in, and while it is a good opportunity for the developers to learn, you don’t want to build up a knowledge dependency on a specific language for part of the application and not a language the company intends on investing in the long term. Having rules on what languages and skills you are prepared to incorporate into the company, will help in determining whether to adopt an open-source solution or not.
Put guidelines in place for how the software is integrated
All companies have certain coding standards that they want their developers to adhere to in order to ensure the software is consistently written and made easier to maintain. With open-source software, you end up diluting these standards, which can be tricky for the developing teams. So, it's important that rules are put in place in terms of how open source code is managed and integrated into code - including which aspects of code can be modified and which can’t - to provide some level of consistency even in working with this open source code.
Document the open-source implementation
Developers need to always think of their documentation and commenting code to ensure others can work with the code they write. This becomes even more important when trying to integrate open-source software as the developers didn’t write it themselves and therefore need to make sure that they detail how it works so that future teams can work with it more easily.
Test the open-source solution extensively
While most open source solutions are quite extensively tested and include vast automated tests, you shouldn't rely on this - especially considering you may have different use cases for it than the open source code as intended for. At the end of the day, when you launch your application into production, a failure in the open source code is still a failure in your application and so you want to own the testing process and ensure your testing team is writing and automating their own tests around this code to ensure it meets your own specific use case and needs.
Allow time for flexibility when it comes to fixing defects
An issue can arise when you do find issues with the open-source code. While the logical thing to do is to then try and get your dev team to fix it directly, making major changes to open-source software prevents you from upgrading these code bases from their open-source libraries in the future and so for non-critical defects that don’t require an immediate fix, its best to rather log a ticket with the open source project and allow for it to be fixed and tested as part of that project - even if by your own team. This does slow down the defect resolution time and it's something a company will need to be prepared for.
Security and Performance Scanning
Introducing new code into a code base is always going to increase the risk of security issues arising. The same goes for performance issues where open-source code may not be fully optimized for your specific use case and environment ad so you want to ensure that you have the right scans and tests in place to identify early whether the specific open-source solution will work for your application or whether your team may need to make significant changes to it in order to get it to meet your needs. This needs to be identified early so that a team can make the right decisions around using a specific open-source solution, otherwise, a lot of effort is lost and so teams need to invest in putting these in place from the beginning.
The effort is worth it
There is a lot that companies need to be aware of when looking to include open-source solutions into their bigger corporate applications, but if they are prepared to put in the effort to build good practices around the process, then the reward and payoff are certainly worth it. The benefits of using open-source software are massive and it will benefit companies to find ways they can maximize their solutions by embracing the world of open-source.