🌱 OSS can decrease or increase your code liability
Cliff Brake May 27, 2025 #oss #liability #asset
A wise person once said:
"Code is a liability, not an asset. Aim to have as little of it as possible."
Whether the open-source code in your projects is an asset or a liability depends on how you handle it. Almost all code in complex systems needs to be maintained.
If you do not update the OSS code in your projects, you are essentially forking it, and it is now "your code" and you own it. It is a static entity that is not gaining value unless you put direct effort into it. Additionally, there will likely be issues that you now need to solve. Very few OSS project maintainers are going to be interested in helping you fix a problem in a 5-year-old snapshot.
Alternatively, if you keep the OSS code in your projects up-to-date, then many issues automatically get fixed (security, compatibility, performance, bugs, new features, etc.). Additionally, if there is a problem, then maintainers will likely work with you to fix it. In this scenario, OSS code is an asset -- it is gaining much more value than your direct effort. However, you must commit to:
- updating OSS components regularly
- having an automated way to comprehensively test the system
- engaging with the OSS projects you use, building relationships, and contributing where you can (documentation and bug reports are contributions)
Some effort is required on your part -- it's not a free lunch. However, if you do this right, the benefit-cost ratio (BCR) is high -- well worth it in the long term.