Organizations accumulate repositories over time. Some are actively maintained, but many become abandoned - no commits, no issues, no activity. These stale repos clutter your catalog, confuse new te...

Running an Open Source Programs Office means juggling a lot of operational tasks: tracking repository health, monitoring contributor activity, ensuring dependency hygiene, and measuring how well yo...

InnerSource practices don’t just improve collaboration - they can directly improve your security posture and code quality. When teams share code across organizational boundaries, more eyes review c...

If you’re running an InnerSource program, one of the hardest questions you’ll face is: “How do we know it’s working?” The answer requires defining what InnerSource means for your organization and t...

Rolling out GitHub Advanced Security across a large organization is a challenge. You want every repository to have code scanning and secret scanning enabled, but with hundreds or thousands of repos...

In working as a consultant for companies, I have visibility into companies working hard to make InnerSource work. One crucial part of that is what’s referred to as the “discovery” problem. The prob...

At a previous job we set up a Jenkins server to run some Continuous Integration (CI) on an InnerSource project that we were maintaining. No problem right? Well… Who was going to maintain that serv...

At a previous company I began noticing that we were spending a lot of time “reinventing” projects that already existed as open source or even rebuilding our own version of proprietary things that o...