Newbie question on code vetting

william.boquist at william.boquist at
Sat May 6 06:33:55 CEST 2006

Edward, thanks for the thoughtful comments.

I would like to offer a couple of links to the kind of stuff I am talking
about w.r.t. the "transparency" issue.

First, some from Eclipse: See especially the "committer resources" stuff
at the bottom.

Here are a couple more from the Apache software foundation. My understanding
is that these methods/principles are applied across all projects within the

My thinking is that if that kind of documentation were more widely
available, the process of doing appropriate diligence on the part of the
consuming organizations would be easier and more repeatable. As it is now,
one is pretty much left to rummage around on project web sites trying to get
a gut feel for what is going on. Asking the higher-ups at work to reach
technology management decisions based on my gut feel is an uphill climb. It
is difficult to erase "FUD" among managers, but if it can be done not just
at my company, but widely, more people can use and examine the code, report
bugs, suggest improvements, etc. Availability of documentation like the
Eclipse Project and the ASF are a big step in the right direction, I think.

The overall goal is to remove a barrier to more widespread use of Open
Source - growing the mindshare dedicated to it and potentially shrinking the
mindshare dedicated to commercially-produced software. A couple of
responders to my earlier notes wrote something like "do you ask the same
thing of closed source vendors?" The answer is "no, not at present", but if
the Open Source movement can cause Bill Gates to show his code to the
Chinese government, who knows what else it can do? I think the Open Source
movement is leading, not following, commercial code producers. If there is a
better way to do business, I would like to see Open Source get there first.


More information about the Python-list mailing list