If you have decided to use open source to implement a needed feature, which one should you choose among the several open source projects that offer similar functionality? Let’s look at the points to consider from various angles.
Quality
The quality of open source, including functionality, performance, and compatibility, is the most important factor when choosing it. For a project hosted on GitHub, you can gauge its maturity by its number of stars and forks. A technical organization that intends to use open source should thoroughly verify its functionality and performance before adopting it into a product or service.
Community
Whether the community is active — how many users the open source has, whether issues are well managed, and whether it is continuously updated — is also a consideration when choosing open source. It is more advantageous to choose open source with a community that is still active today than one whose community activity stopped years ago.
Documentation
To properly adopt and maintain open source, you should also check how thoroughly the project provides documentation. The deliverables of a well-documented project are easier for a company to adopt. It also makes it easier to contribute the company’s improvements back to the project as patches.
Security Vulnerabilities
Open source with known security vulnerabilities should not be used. Versions of open source software in which security vulnerabilities have been found are tracked in databases such as CVE. Before using open source, check whether the specific version you intend to use has known security vulnerabilities.
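One way to carry out the version check described above, as an added example that is not part of the original article: it matches pinned dependency versions against advisory records using numeric rather than string comparison, and rejects version strings it cannot parse. The package names, advisory ids and affected ranges are constructed, and the introduced/fixed range layout is an assumption about how the advisory data is supplied.

```python
# Added example: advisory records and package names below are constructed.
import re

# Each record lists half-open affected ranges [introduced, fixed).
# fixed=None means no fixed release is known yet.
ADVISORIES = [
    {"id": "EXAMPLE-ADVISORY-1", "package": "examplelib",
     "ranges": [("1.2.0", "1.10.3")]},
    {"id": "EXAMPLE-ADVISORY-2", "package": "examplelib",
     "ranges": [("2.0.0", None)]},
    {"id": "EXAMPLE-ADVISORY-3", "package": "otherlib",
     "ranges": [("0", "3.4.1")]},
]

def parse_version(text):
    """Turn '1.10.3' into (1, 10, 3) so comparison is numeric, not lexical."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unsupported version string: {text!r}")
    return tuple(int(part) for part in text.split("."))

def pad(a, b):
    """Pad with zeros so that 1.2 and 1.2.0 compare equal."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)), b + (0,) * (width - len(b))

def in_range(version, introduced, fixed):
    v, lo = pad(parse_version(version), parse_version(introduced))
    if v < lo:
        return False
    if fixed is None:
        return True
    v, hi = pad(parse_version(version), parse_version(fixed))
    return v < hi  # the fixed release itself is not affected

def known_vulnerabilities(package, version, advisories=ADVISORIES):
    """Return ids of advisories whose affected range covers this version."""
    return [adv["id"] for adv in advisories
            if adv["package"] == package
            and any(in_range(version, lo, hi) for lo, hi in adv["ranges"])]

def audit(pins):
    """pins: {'package': 'version'}; returns only the packages with findings."""
    results = {pkg: known_vulnerabilities(pkg, ver) for pkg, ver in pins.items()}
    return {pkg: ids for pkg, ids in results.items() if ids}

if __name__ == "__main__":
    print(audit({"examplelib": "1.9.0", "otherlib": "3.4.1"}))
```

Comparing the raw strings would rank "1.9.0" above "1.10.3" and report the first pin as unaffected, which is why the versions are parsed into integer tuples first.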
License
An open source license is a permit that grants everyone the right to use the software freely. However, most open source licenses impose obligations that must be observed when redistributing the open source — for example, notice obligations and source code disclosure obligations. GPL-2.0, a representative open source license, requires that even the source code of software combined with it be disclosed. Therefore, when choosing open source, you must check in advance what its license is and whether you can operate in an environment that complies with that license. The open source compliance activities for this are explained below.