
Ask HN: Does your company have an open source release policy? - GauntletWizard
I&#x27;m working with some fairly new technology (k8s). There&#x27;s a lot of simple things that can be done with a few minutes work. I&#x27;ve already got a blanket signoff to contribute to upstream repos, but today I found something that would work best if I release a new repo. I&#x27;d like to do it from a corporate perspective, because I think it would be good citizenship, however, we don&#x27;t have a general policy for how public releases are managed.<p>Does your company have a general open source release policy? Does it include different patterns for contributing to an existing project, vs creating a new project? What about small vs. large projects; i.e. a small module for common use (leftpad) vs a larger project expecting a community (tools like Envoy, Kubernetes)<p>If there&#x27;s examples of open source policies we could simply adopt, that&#x27;d be great, too.
======
jandrese
My company has this complicated release process for open source software. You
have to have a technical review and then a legal review of the package and
then it has to go to committee to be signed off. The software can then be
released on a specific channel that I've never ever seen someone mention on
the Internet.

I'm pretty sure the public release committee would explode if you described
pushing commits to a public repo.

For legal reasons I doubt this will change anytime in the near future.

------
avh02
Doesn't exactly answer the question as stated, and you seem to not be on the
same boat - but I'd like to contribute a flipside story for anybody
interested:

I tried to get one together at my last job - got all the way through legal
approval and okayed by engineering heads and team leads. But - nothing ever
got released as an open source project.

Maybe i didn't push enough, but I also sensed there were invisible obstacles
in the way.

For anyone in the same boat - push for it!

------
FLGMwt
Our company does. It's a mix of technical review by relevant peers plus a
dedicated review committee (mostly looking for good docs and company
internals). Then we send it off to legal which is a quick turnaround.

It's a pretty new process and we only have one project out there
([https://github.com/rallyhealth/szl](https://github.com/rallyhealth/szl)),
but there's a few projects in review.

With this post, I'm actually thinking the next submission should be our OSS
review process and guidelines :)

------
pseudobry
Google's policy:
[https://opensource.google.com/docs/](https://opensource.google.com/docs/)

