How to publish open source code
Wherever possible, we make our source code open and reusable. This means other government departments and people in outside organisations can benefit from our work. We also maintain several open source projects developed for use on GOV.UK and with other work we do, such as the Puppet module for go-audit or the GDS Operations open source web site.
It’s not always appropriate to open code. There are situations when you should keep some data and code closed, for example when involving keys and security credentials.
The Service Manual explains how to open previously closed code and your responsibilities for maintaining open code.
You should release any open code with a clear license for reuse. As repositories often include both documentation and code, we use 2 licences:
- MIT licence for code and code samples in documentation
- Open Government Licence (OGL) for documentation
When you publish open source code, your project must:
- include a readme, you could follow GOV.UK’s guidance for writing a README
- have useful and informative commit messages about why a change was made
- provide a changelog, for example the specification for CPAN Changes files
- include an MIT and OGL licence file
- link to a public list of known issues and bugs, for example GOV.UK frontend toolkit
- have an email address to submit security related bug reports
- list a version number compatible with Semantic Versioning
Your open source code project should:
- publish packages to relevant language specific repositories such as PyPI - the Python Package Index or RubyGems
- post contributors’ guidelines in a contributing file, like the Go repository
- set up any tests to run in a public continuous integration environment using tools such as Travis CI, CircleCI or Jenkins
You could also provide a mailing list so people can discuss your project.