Open Source Systems: Enterprise Software and Solutions

The existence of a community plays a central role in the development of Open Source Software (OSS). Communities are commonly defined as a group of people sharing common norms or values. The common interest of an OSS project is obvious: to develop software under an OSS license. When we look at the rather general definition of a community, we see that there is a similarity to the term ‘organization’. This paper draws parallels between OSS projects and the general elements of an organization and shows the different elements comprised in an OSS community: people, organization and assets. Each of those elements is enriched with examples from different research in the corresponding OSS research stream and provides a broad overview of the elements of OSS projects. With the help of this comparison, research on OSS can be made more focused and aligned with organizational research.

Crowdfunding campaigns enable individuals to bring their ideas to production by appealing directly to the end-market and the global community. A number of these projects are open source, seemingly, counteracting the funding process. We interviewed founders, developers and managers of 13 crowdfunding initiatives involving open source products to determine how communities, crowdfunding campaigns and open source are associated. Our findings verified the existence of common characteristics among the cases, the emergence of a family-like relationship between the organizers and the community, as well as the community perceived as a success factor. We suggest that the development of certain niche products inherently leads to the adoption of open source as a licensing model and crowdfunding as the capital gathering process.

An Open Source Software (OSS) project can be utilized either as is, to serve specific needs on an application level, or on the source code level, as a part of another software system serving as a component, a library, or even an autonomous third party dependency. There are several OSS quality models that provide metrics to measure specific aspects of the project, like its structural quality. Although other dimensions, like community health and activity, software governance principles or license permissiveness, are taken into account, there is no universally accepted OSS assessment model. In this work we are proposing an evaluation approach based on the adaptation of the City Resilience Framework to OSS with the aim of providing a strong theoretical basis for evaluating OSS projects.

Community dynamics play an important role in the Open Source Software (OSS) development paradigm. Researchers have extensively studied the human aspects of the OSS paradigm from the point of view of community formation to community evolution. A few studies relate community dynamics with OSS product attributes such as code quality. However, the impact of community dynamics on non-code contributions such as commits has not been explored. In this paper, the aim is to analyze the impact of community dynamics on syntactic quality of commit messages of an OSS project. We first propose and validate a commit message quality model, and then use that model to analyze the OSS projects. Empirical analysis of seven OSS projects available in the Git repository shows that a small group of contributors active at the same time in a project leads to high syntactic quality contributions. These observations may prove useful to developers as well as project managers who need quantifiable techniques for monitoring the OSS projects.

With almost 20 years of research, Process Mining can now be considered to be in a mature phase allowing its application to a variety of sectors. In this article, the bug closure process that is followed by a community of an open source software project is investigated in order to perform process conformance checking. Actual data that reveal the process steps have been extracted from the project’s Bugzilla database and have been used as input in Disco process mining tool. The data includes extracted information for more than 19,000 bugs for the past 15 years in a csv form, formatted appropriately to construct an event log suitable for process mining. The extracted models have been compared to the process described in the project’s blogs and wikis by the community. The same models are also compared to the bug closure process that Bugzilla suggests to be used by the projects using this software for bug tracking purposes. The findings reveal that indeed the process followed in the OSS project is very similar to the declared one but variations do occur under specific circumstances. However, the process is not identical to the one proposed by Bugzilla suggesting that each OSS project can customize its processes in order to better address the needs of the project and the community. This empirical research highlights the importance of process mining in OSS projects in order to investigate the processes followed and identify outliers helping to standardize and improve the processes and enhance the collaboration among the members of the communities.

Performing source code static analysis during the software development cycle is a difficult task. There are different static analyzers available, and each of them usually works better in a small subset of problems, making it hard to choose a single tool. Combining the analysis of different tools solves this problem, but brings about other problems, namely the generated false positives and a large amount of unsorted alarms. This paper presents kiskadee, a system to support the usage of static analysis during software development by providing carefully ranked static analysis reports. First, it runs multiple static analyzers on the source code. Then, using a classification model, the potential bugs detected by the static analyzers are ranked based on their importance, with critical flaws ranked first, and potential false positives ranked last. Our experimental results show that, on average, when inspecting warnings ranked by kiskadee, one hits 5.2 times less false positives before each bug than when using a randomly sorted warning list.

Software release planning is crucial to software projects that adopt incremental development. Open source projects depend on their globally distributed maintainers’ communities who share project information, usually described in the software project repository as issues, to plan the contents and timing of the next releases. This paper introduces an approach based on software issues to support decision-making regarding open source software development activities such as release planning and retrospectives. It uses the PageRank algorithm to suggest an importance ranking of the software issues based on the issues dependencies topology. When based on a highly connected topology, project leaders can use this rank as an input to planning activities. The observation of two open source projects indicates the feasibility of our approach.

Open Source Internet Research Tool (OSIRT) is a free and open source software tool that enables law enforcement officials to conduct online research and obtain artefacts in an evidential and lawful manner. Over the past three years, OSIRT has seen growth from a handful of users within UK law enforcement, to a reach that extends to countries across the globe which also sees usage outside of law enforcement and beyond its original scope.

This paper will reflect upon OSIRT’s development, and discusses issues surrounding the development of a FLOSS product for UK law enforcement. With cuts to budgets being made to law enforcement services, FLOSS software like OSIRT has an opportunity to flourish in this sector. To establish OSIRT’s and FLOSS’ integration into UK law enforcement, interviews, a small case study and questionnaires were conducted with serving police officers, police trainers and an IT administrator; all have experience with OSIRT.

Use of Free and Open Source software has started to get an increased level of functionality and trust, following the existence of a variety of solutions and supporting communities across the Web. In this paper, the current penetration and usage of Free and Open Source Software in the municipalities of Greece was recorded, as well as its potential especially when compared with the current state of computerization and hardware level. Conclusions were drawn on whether the municipalities will benefit from the usage of Free and Open Source Software, in technical and financial terms, as well as proposals are submitted in how the municipalities can benefit from an uptake in technology (especially Cloud computing), given their existing IT staffing and municipality organization. The possibility of improving the provided services to the citizens by using this software is also examined as well as cost aspects that can be improved.

In this paper, we propose a model conceptualization (Linked Open Economy - LOE) capable of exploiting the massive amount and variety of open economic data that are gradually becoming available by governments and open source communities. The main aim is to unleash the power of open data and open source systems and create a common ground to serve as a catalyst in providing more efficient answers in important economic activities.

Almost all software products today incorporate free/libre, and open source software (FLOSS) components. Companies must govern their FLOSS use to avoid potential risks to their intellectual property resulting from the use of FLOSS components. A particular challenge is license compliance. To manage the complexity of license compliance, companies should use tools and well-defined processes to perform these tasks time and cost efficiently. This paper investigates and presents common industry requirements for FLOSS governance tools, followed by an evaluation of the suggested requirements by matching them with the features of existing tools.

We chose 10 industry leading companies through polar theoretical sampling and interviewed their FLOSS governance experts to derive a theory of industry needs and requirements for tooling. We then analyzed the features of a governance tools sample and used this analysis to evaluate two categories of our theory: FLOSS license scanning and FLOSS in product bills of materials. The result is a list of FLOSS governance requirements based on our qualitative study of the industry, evaluated using the existing governance tool features. For higher practical relevance, we cast our theory as a requirements specification for FLOSS governance tools.

In this paper we present the development of a collaborative community using exclusively open source software. After the definition of the functional requirements of the project, we focus on finding specific software components to satisfy these requirements. The intention was to minimize the development effort and labor, relying on open source software. As a result, the platform was developed writing less than 10% of the required code and reusing more than 20 software components, not counting the software dependencies. The new components developed form our contribution to the community.

Discovering Open Source Software (OSS) components efficiently is not always an easy task. Node.js is a popular JavaScript runtime environment, whereas Rust is widely used for system programming, and both can be utilized for OSS discovery purposes. In this work, we examine whether Rust and Node.js can be used, along with their respective tooling and package repositories, in order to achieve improved discoverability of existing OSS implemented in C/C++. The paper describes how the capabilities of Rust in C/C++ interoperability can be combined with novel compilation techniques of low-level code to asm.js and WebAssembly, in order to harness JavaScript’s popularity as the medium to publicize hard to discover C/C++ OSS. A proposed incremental methodology is presented and the main, as well as the collateral, effects of enforcing the proposed methodology in a proof-of-concept situation are examined. Our findings indicate potential increase in discoverability, code quality, portability, along with viable performance degradation of portable binaries, demonstrating 8.7 times slower execution compared to machine code, in a worst-case scenario.