The US Department of Defense wants you to contribute unclassified code to open-source software projects developed in support of national security.
Toward that end, it has launched Code.mil, which points to a Github repository intended to offer public access to code financed by public money. But at the moment, the DoD’s repo lacks any actual code.
Open source and free software represent industry best practices, the DoD said in a statement, even as it acknowledged the agency has yet to widely adopt it. Code.mil represents an attempt to change that dynamic.
On the project website, the DoD goes so far as to suggest that anything other than open source software puts lives at risk.
“US military members and their families make significant sacrifices to protect our country,” the agency explains in its FAQs. “Their lives should not be negatively impacted by outdated tools and software development practices that lag far behind private sector standards.”
And in case that isn’t clear enough, the agency states, “Modern software is open-source software.”
But before open source can ride to the rescue, government programmers and whatever community coalesces around them will need to find a suitable software license to apply to DoD projects.
Because code written by federal government employees for the most part does not qualify for copyright protection, it cannot be protected by licenses that rely on copyright law.
But a Creative Commons Zero (CC0) license, which would put the code into the public domain, isn’t quite the right fit. Outside the US, countries may not accept CC0 as a valid way to waive copyrights or may have different legal requirements, which makes contributions from those abroad problematic.
“Software constantly evolves with each contribution potentially having a different copyright and license status,” the agency says. “Merely placing source code in the public domain with CC0 1.0 does not address how contributions will affect the openness of the project over time.”
So rather than using a common open-source license or creating a new one – something the DoD CIO discourages – the agency has drafted a proposed Defense Open Source Agreement (DOSA), which uses “contract law to attach licenses to our projects.”
The DOSA lets the DoD require that contributors abide by an open-source license despite its lack of copyright – the right by which a software license would typically be imposed. It also requires that contributors accept an agreement known as a Developer’s Certificate of Origin, by which programmers attest that they have the right to any code they may contribute.