Blog entry: When agencies procure custom software, but keep the source closed, they are putting themselves at a significant disadvantage. There are some enormously compelling arguments—and some surprising arguments—in favor of agencies preemptively publishing source code. https://waldo.jaquith.org/blog/2023/12/publish-open-source/
Reason #1 your agency should release its software as open source: As a work of government, it may be in the public domain by default. You might not actually have a choice in the matter, in a legal sense, so you might as well embrace it.
Reason #2 your agency should release its software as open source: FOIA laws may well require that you share the source the first time somebody requests it, and they're free to then post it to GitHub or whatever. Better to get ahead of that and spare yourself a painful review and redaction process.
Reason #3 your agency should release its software as open source: Open source is more secure than closed-source software. An authority no less than the Department of Defense calls for publishing government software openly, having found that it's more secure than keeping the source closed. I love the directness of this bit of their FAQ:
Q: Doesn’t hiding source code automatically make software more secure?
Reason #4 your agency should release its software as open source: It can be important for many agencies to ensure that the public has confidence in their operations, especially when they issue decisions that are made by or augmented by software (e.g., benefits systems). Publishing the source code allows advocates etc. to easily verify that the software is in compliance with laws and regulations, instead of lobbing accusations at agencies based on keeping that code hidden.
Reason #5 your agency should release its software as open source: Requiring that your software development vendor incorporate only open source software, and that all the code they write is open source, means they can't slip in a copyright poison pill to then charge you licensing fees on the 1% of your software that they own.
@waldoj If all your code is hosted on GitHub, then that puts many good vendors, who feel that Microsoft ownership of GitHub and Microsoft harvesting of data from GitHub are serious concerns, at still not bid. Codeberg, NotABug, SourceHut, etc. are all fully FOSS alternatives. Even GitLab is a better reference point.
@lwriemen Agencies have contracts with Microsoft, and none of those vendors are on any procurement schedules. GitHub, Azure DevOps, and Atlassian Suite are the only viable options.