Community Blog

Community Blog

Open Source Readiness - Weekly Update - 30 January 2023

January 30, 2023

This year at FINOS I am going to be focusing on one of FINOS' key existing projects: Open Source Readiness. This is FINOS' term for helping the finance industry "do open source properly". 

What is a body of knowledge, and why do we need one?

First, the landscape of open source is really confusing. Even just within the Linux Foundation, we have the FINOS’ Open Source Readiness project, the TODO group (with its various communities and chapters) and the OpenSSF (open source security foundation) as well as the Linux Foundation Training. And that’s before you even consider other organizations beyond the LF. So, some way of navigating this is a good idea. How do they all fit together?

Second, assuming you can make sense of the landscape - what does it mean in terms of recommendations? If I am a CTO inside a technical organization, which courses should I make my developers take? Or the compliance staff? Or myself? And for what reasons? It would be really helpful to be guided through this by my peers. And this is not just about people reviewing certifications or courses like they review restaurants, there should be a clear link between the organizational risks I want to guard against and the content of the courses.  That is, can we assert that the training materials are fit for purpose? The only way we could make an assertion like this is if there was agreement around what the purpose was. We’re looking for requirements traceability, essentially.

Third, a body of knowledge is going to allow authority to pass from the experts in the field through to people upon which certifications are bestowed. Experts will agree on the content.  The material in the training courses will be based on this. The certifications will test for knowledge of this content. This is best shown in the diagram, below:


What Does A Body Of Knowledge Look Like?

At this point, the best analogy I can give is Wikipedia. Crucially, Wikipedia doesn’t create knowledge of its own. It makes reference to existing knowledge on the internet. However, it does provide a focal point for each subject.  It provides an introductory description, and tells you where you need to look next.  Best of all, it places the subject within the context of all the other related knowledge.   The page on “Foxes” for example places the fox within the order of Carnivores in the class of Mammals, and tells me about the other different kinds of foxes there are.   

Crucially, a group of experts has come together to agree on the contents of the page on foxes, and provide citations for all the fox-based facts on that page.  

Over the next week or so, I’ll be trying to put together a few pages in our existing open source readiness microsite to demonstrate how this could hang together. We’ll be involving the open source readiness community in this work to try and make sure we’re going in the right direction. And we’ll be using GitHub’s built-in tools around pull requests and reviews to put together a workflow for taking this forward. 


If you’d like to get involved join the Open Source Readiness SIG this week - Wednesday February 1st

Interested in this FINOS open source project, or any of our other projects? Click the link below to see how to get involved in the FINOS Community.

Get Involved