The lead developer at an educational platform (Interviewee 1) described a formal process for adopting open source software: if a dependency is deemed 'business critical', the team creates a business case for review by InfoSec, the principal engineer, and potentially the CTO; if not deemed 'business critical', the team adopts the dependency after a peer review during a pull request.

Authors

• Person: Not available Organization: Department for Science, Innovation and Technology
  Open source software best practices and supply chain risk ... - GOV.UK

Sources

• Open source software best practices and supply chain risk ... - GOV.UK www.gov.uk Department for Science, Innovation and Technology via serper

Referenced by nodes (1)

• pull request concept