What are some of the career benefits of open source contribution? How can developers improve software supply chain security?
Over the past few months, we planted these thought-starters throughout our Twitter feed to seek your opinions about these topics. To our delight, you had plenty to say when it came to the benefits of open source contribution, your favorite Linux distribution and more. And while you know how YOU answered, how did your answer stack up with the rest of the community? Let's take a look.
Improved coding skills are a career plus for contribution
Open source contribution has a wide variety of benefits for anyone looking to get involved. When we asked you to weigh in on the greatest career benefit you’ve gained from contributing to open source projects, the majority stated that improving their coding skills has been the greatest advantage.
However, new or improved experiences and the ability to build a resume were a close second and third. Regardless of your preferred career benefit, one thing is certain – open source contribution can make all the difference in your growth as a developer.
Due diligence fuels software supply chain security
In an episode of the Bootiful Podcast, Spring Developer Advocate Josh Long interviewed Open Source Software Engineer Joshua Lock about open source software security, software security incidents, and how they led to some of the current projects in the community today. They discussed The Update Framework (TUF), which enhances security by adding metadata containing information about which signing keys are trusted, the cryptographic hashes of files and more.
Thinking about how TUF can act as a valuable solution for software security sparked the question: what is the most important thing developers can do to improve software supply chain security?
While most of you agreed that practicing due diligence was the best way to secure the software supply chain, many others felt that using multi-factor authentication (MFA) and updating dependencies would also be viable solutions for keeping open source software secure.
Start here: Review the README
Like all new endeavors, the most challenging part is taking the first step. When it comes to open source contribution, however, there are various first steps one could take to begin their journey.
When we asked you to reflect on what your first contribution step was, it was a very close race. However, reviewing the README pulled ahead of reading the code of conduct and signing the DCO/CLA. For more information on ways to get started in the open source community, check out our guide on how to contribute to open source.
Ubuntu reigns supreme for Linux distributions
A Linux distribution is an operating system made from a software collection that is based on the Linux kernel. Linux users usually obtain their operating system by downloading one of the Linux distributions, which are available for a wide variety of systems ranging from embedded devices and personal computers to powerful supercomputers.
So when we asked you to think about the hundreds of existing distributions and pick the one you like the most, we were ready for a heated debate. But in the end, Ubuntu proved to be the crowd favorite.
While our poll yielded a clear winner, there are numerous reasons why a developer would choose one distribution over another. Find out why some of our colleagues chose certain Linux distributions over others.
For more updates on open source community sentiment, check back for our next poll recap on the Open Source Blog and stay tuned for new polls on our Twitter channel (@vmwopensource).