If your company has both proprietary software and open source developers, you may be trying to balance the two against each other. On the one hand, you want your employees to have the freedom to contribute to projects they are passionate about; on the other, you need to act on behalf of your employer to ensure that its intellectual property isn’t given away unintentionally. One technique to help solve this problem is the sandbox approval.
A sandbox approval is a technique for tracking and managing open source contributions more efficiently. There is no need to have a compliance professional look at every line of code prior to making an open source contribution. Duane O’Brien and Lisa LaForge explain how and why the sandbox approval technique was developed, how it works, and what projects are most suitable for using it. In addition, Duane and Lisa discuss the role of architecture diagrams in the sandbox approval process.
Duane O’Brien is the Head of Open Source at Indeed.com, the world’s #1 jobs site. He is passionate about helping companies responsibly participate in the open source community.
Lisa LaForge is a practicing attorney in Silicon Valley and is a driving force in SanDisk Corporation’s open source program. Lisa chairs SanDisk’s open source steering committee and regularly speaks on open source topics, most recently at the 2015 Linux Collaboration Summit and at the 2015 LinuxCon. She authored an article on data insecurity as an unfair business practice that appeared in the October 2015 issue of CIO Review magazine.
©2016, O'Reilly Media, Inc.