Tooling

Effective InnerSource Strategies and Configuration for GitHub

This documentation is a compilation of the essential settings and strategies necessary for implementing InnerSource inside an organization. It encompasses both overall strategic elements and specific points relating to SCM configuration.

We also encourage you to read the OpenSSF's (Open Source Security Foundation's) Source Code Management Configuration Best Practices guide for a perspective focused entirely on security.

Table of Contents

GitHub

• GitHub InnerSource Strategies

  • Balancing Security & InnerSource: Who Can See What

  • Security-First Perspective and InnerSource-first Perspective

  • Visibility Differences by InnerSource Project Type

  • Project Participation Difficulty Level by Setting

  • Pros and Cons of InnerSource Dedicated Environment

  • Variations in how repository read access is distributed

  • Conclusion: High Level Guideline

• GitHub InnerSource Configuration

  • Enterprise Setting

    • Repository policies

      • Base permissions

      • Repository creation

      • Repository forking (Private / Internal)

  • Organization Setting

    • Member privileges

      • Base permissions

      • Repository creation

      • Repository forking

  • GitHub Enterprise Server Setting

    • GitHub Connect - Server statistics

  • Resources

GitLab