New DoD OSS guidance memo (2022)
92 views
Skip to first unread message
Dan Risacher
Jan 26, 2022, 2:56:03 PM1/26/22
to mil...@googlegroups.com
John Scott
Jan 26, 2022, 3:08:54 PM1/26/22
to Dan Risacher, mil...@googlegroups.com
Awesome !
On January 26, 2022 at 2:56:03 PM, Dan Risacher (d...@risacher.org) wrote:
--
--
You received this message because you are subscribed to the "Military Open Source Software" Google Group.
To post to this group, send email to mil...@googlegroups.com
To unsubscribe from this group, send email to mil-oss+u...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/mil-oss?hl=en
www.mil-oss.org
---
You received this message because you are subscribed to the Google Groups "Military Open Source Software (Mil-OSS)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mil-oss+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/CAAD1OeK0izdxUUALv111YMbd-Mr7r0QSCuRhU0Xka2%2Bn77tukw%40mail.gmail.com.
John Scott
Jan 26, 2022, 3:23:53 PM1/26/22
to Dan Risacher, mil...@googlegroups.com
Now does it pass "Hellekson's Law” ?
Mark Bohannon
Jan 26, 2022, 3:28:54 PM1/26/22
to mil-oss, jms...@gmail.com, Dan Risacher
That really dates you, sir
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/CAPzJ1p2_Gk-ZjP--0tiNUkpBKMEFqUmYUtdP3YDiV9LHTUGhWQ%40mail.gmail.com.
John Scott
Jan 26, 2022, 3:41:25 PM1/26/22
to mil-oss, Mark Bohannon, Dan Risacher
At least someone is keeping track ;-p
Dan Risacher
Jan 26, 2022, 3:47:30 PM1/26/22
to mil...@googlegroups.com
I invoked Hellekson's law many times in coordinating this memo.
(i.e. Every time someone asked me to put in general software guidance that wasn't specific to OSS.)
Hopefully, I did okay in the end product.
At least once, Richard Gray (former legal counsel to the CIO) called me out for violating it, which I think is hilarious.
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/CAJvGNvytujWs4hcK5DhyG%2BdRPX8HKyh0%3DGSVeQZ8G5EsC8PD8w%40mail.gmail.com.
John Scott
Jan 26, 2022, 3:51:22 PM1/26/22
to Dan Risacher, mil...@googlegroups.com
Only Gunnar can give absolution, js
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/CAAD1OeL_ucC6WG1vXRE8eFAkeufMXZc4sQZy%2BSXsJewcYjQnBg%40mail.gmail.com.
Tina
Jan 26, 2022, 3:53:25 PM1/26/22
to mil...@googlegroups.com, Mark Bohannon, Dan Risacher
The first reference to Hellekson's Law for me (beyond ad for a law firm in Minnesota) came up from a blog from risacher.org. So, you've been known to invoke it a time or two...
Thanks for continuing to make things clearer for feds and contractors alike.
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/CAPzJ1p2xtcK3FzsiobFNEM-YRYx_rantQkffQssoLd66CbAzfg%40mail.gmail.com.
Ron Lichtinger
Jan 26, 2022, 3:57:14 PM1/26/22
to mil...@googlegroups.com, Mark Bohannon, Dan Risacher
As the former publisher of FierceGovernmentIT, I'm just very happy to see that Dan not only continues to do great work, but that he has his 'Fierce 15' award from almost 10 years ago still listed on his LinkedIn profile!
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/CAPzJ1p2xtcK3FzsiobFNEM-YRYx_rantQkffQssoLd66CbAzfg%40mail.gmail.com.
Cem Karan
Jan 26, 2022, 4:30:00 PM1/26/22
to mil...@googlegroups.com
Dan, does this mean that the DOD has procedures that the different components can adopt for releasing OSS? ARL is still using what I wrote up years ago, and while it was the best that could be done in the internal political climate at the time, it'd be nice to think that things are further along now and ARL could adopt something from the DOD directly that works better...
Thanks,
Cem Karan
Brad Hards
Jan 26, 2022, 5:11:59 PM1/26/22
to mil...@googlegroups.com
On Thursday, 27 January 2022 6:55:47 AM AEDT Dan Risacher wrote:
> https://dodcio.defense.gov/Portals/0/Documents/Library/SoftwareDev-OpenSourc
> e.pdf
Is there something that OSS software projects can do to help "tick the boxes"?
One of the projects I work on has this:
https://github.com/WestRidgeSystems/jmisb/blob/2.x/SECURITY.md
However I wonder if there is a broader need to help acquisition folks who
don't necessarily know how to turn the CIO policy into a decision record.
Brad
> https://dodcio.defense.gov/Portals/0/Documents/Library/SoftwareDev-OpenSourc
> e.pdf
Is there something that OSS software projects can do to help "tick the boxes"?
One of the projects I work on has this:
https://github.com/WestRidgeSystems/jmisb/blob/2.x/SECURITY.md
However I wonder if there is a broader need to help acquisition folks who
don't necessarily know how to turn the CIO policy into a decision record.
Brad
Kane McLean
Jan 26, 2022, 5:39:22 PM1/26/22
to mil...@googlegroups.com
Nice!!! Glad to see this is still getting attention and practical formal guidance is finally inked.
Kane
--
--
You received this message because you are subscribed to the "Military Open Source Software" Google Group.
To post to this group, send email to mil...@googlegroups.com
To unsubscribe from this group, send email to mil-oss+u...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/mil-oss?hl=en
www.mil-oss.org
---
You received this message because you are subscribed to the Google Groups "Military Open Source Software (Mil-OSS)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mil-oss+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/11743414.i6HC03IOip%40audax.
Kane
Sent from my mobile device
David A. Wheeler
Jan 26, 2022, 6:29:13 PM1/26/22
to mil...@googlegroups.com
> On Jan 26, 2022, at 2:55 PM, Dan Risacher <d...@risacher.org> wrote:
> https://dodcio.defense.gov/Portals/0/Documents/Library/SoftwareDev-OpenSource.pdf
I'm sure this took a lot of coordination effort, it's impressive Dan
got this through to the finish line. Much of this builds on the
previous memo, which is great, and I was happy to
see some new or improved items.
I was very happy to see this anti-forking statement:
"Creating a separate, DoD-specific version of any OSS project, for any reason,
increases support risk and should be avoided whenever possible."
This "worst practice" has probably cost the government a
sizable sum, I'm glad to see specific guidance discouraging it.
I was also happy to see a statement for releasing orphaned software
via the relevant CIO (I know Dan wishes that had been in the
previous version; I'm glad to see it's here):
"In cases where the management of an existing software codebase is unclear, DoD
Components and Component CIOs are authorized and encouraged to make any necessary
determinations to resolve ambiguity and release legacy code as OSS where warranted.
For example, a CIO may choose to release "orphaned" software that was developed by a
program that has since been terminated, but may be useful to other agencies."
I was intrigued by this statement:
"The Department must follow an "Adopt, Buy, Create" approach to software,
preferentially adopting existing government or OSS solutions before
buying proprietary offerings, and only creating new non-commercial software
when no off-the-shelf solutions are adequate."
I wish everyone the best!!
--- David A. Wheeler
Reply all
Reply to author
Forward
0 new messages