Skip to content
Risk Working Group Repository
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
focus-areas
CONTRIBUTING.md Create basic contribution guide (FROM WG-D&I) Mar 25, 2019
LICENSE
README.md
ROADMAP.md
code-of-conduct.md Add CHAOSS code of conduct (FROM WG-VALUE) Mar 25, 2019

README.md

CHAOSS Risk Metrics Working Group (RISK WG)

standard-readme compliant

Read our Launch Plan

Risk is a new group, focused on metrics for issues pertaining to Risk in open source.

Economic value is expressed in different ways for different types of stakeholders. We will be exploring this space in the coming months.

See our draft focus areas for more info.

  1. Security
  2. Code Quality
  3. Licensing
  4. Business Risk
  5. Transparency

Join our Mailing List

This CHAOSS working group is using the general CHAOSS mailing list.

Join our Weekly Calls

The Risk Working Group meets every Monday from 11-12 Pacific Time. All are welcome.

The videoconference URL is https://unomaha.zoom.us/j/720431288.

You can also read our meeting notes.

Background

Problem Statement

We have gotten requests from community members to establish industry-standard metrics for risk in open source. Lack of metrics makes it difficult for business decision makers to compare open-source methods to alternatives. Lack of metrics makes it difficult to allocate resources optimally across projects, slowing decision making and product innovation.

Opportunity

We believe that risk metrics can accelerate the adoption of open source methods within industry, providing more opportunities for developers to make a living wage in open source.

Goal

Between March 2019 and September 2019 we will execute a launch plan with limited goals:

Identify Stakeholders and Validate Interest

  • Identify market segments and stakeholders
  • Understand Who cares about Open Source Risk (and why)
  • Specify and prioritize Key Performance Indicators
  • Calculate potential aggregate risk

Grow hands-on community

  • CHAOSS Members: Consultants, researchers, grant writers
  • Project Stakeholders: Sponsors, maintainers, contributors, consumers

Build reusable assets

  • Repeatable methodology for discovering value
  • MVP Tooling with Development Roadmap

In the long term, we’d like to publish trusted industry-standard Risk Metrics. A kind of S&P for software development, an authoritative source for metrics significance and industry norms.

Work To Date

We're just getting started!

Contributors

Maintainers

Core Contributors

The criteria for becoming a core contributor is to participate at least once per month over a period of 3 months. Participation could include providing feedback in the weekly D&I meetings, providing feedback on docs, or making other contributions on GitHub (commits / issues). People not participating over a 3 month period may be removed as core contributors.

If you'd like to be on our squad, an easy way to start is by going through the issue list and fixing some. 🎉

All Contributors

Ordered by first name

Are you eligible to be on this list? You are if you helped in any capacity, for example: Filed an issue. Created a Pull Request. Gave feedback on our work. The team will try to update this list monthly, but please open an issue or post on the mailing list if we've missed anyone.

If you find yourself missing, please create a pull request or reach out to a maintainer. We started to maintain this list after starting the working group and are likely missing some of you. If you find yourself listed here and want to be removed, please create a pull request or ask a maintainer.

You can’t perform that action at this time.