How is maintaining an open source project these days
From CitconWiki
Jump to navigationJump to search
Topics:
- Supply chain
- Where to start
- Keeping the repository secure
- Governance model
- Licensing
- Responsibility for larger projects, EU regulations
Discussion:
- Support from GitHub for marking AI generated commits (pull requests)
- AI work is welcome, in small patches
- Don’t spam with AI pull requests
- In medical field the notion of “software of unknown origin”, you have to go and validate the project, own the responsibility, vendor the dependency
- Own the CI infrastructure
- Private repository for vetted dependencies
- Check your motives: do you want to make money or truly give stuff away, pick a good license for your motives
- Consider choosing a foundation
- Finding a partner/community with the same interest to kickstart the community
