The Federal Ministry of the Interior provides the Open CoDE platform with which public administrations can exchange and develop open source software.
Without public fanfare, the Federal Ministry of the Interior has put the open source development platform Open CoDE into regular operation. Only an inconspicuous tweet from State Secretary Markus Richter, the Federal Government’s Chief Information Officer (CIO), called for participation in the platform at the end of June.
Open CoDE is intended to serve public administration as a central platform for the exchange and joint development of open source software (OSS). The platform consists of a self-operated instance of the widespread web-based version management GitLab as well as a software catalog and a discussion forum. The project was launched by the Federal Ministry of the Interior and the federal states of Baden-Württemberg and North Rhine-Westphalia. The municipal IT service provider Komm.One operates the platform.
GitLab offers typical functions for collaborative software development such as source code repository, bug tracker and wiki. The independent software catalog should allow searching according to criteria such as area of application, operating system or state of development. To do this, software projects must store metadata in a text file in the “publiccode.yml” format, a standard developed in Italy. During our research, however, the filter function did not work.
According to the Federal Ministry of the Interior, Open CoDE should promote “cross-level work” on administration-related software projects and create transparency about existing open source solutions in administration. The platform is primarily aimed at authorities and public bodies from all over Germany or service providers commissioned by them. Only they are allowed to create project repositories.
Authorities should be able to rely on the fact that they are allowed to use the software themselves without having to do extensive research themselves. A guide to licensing and a list of which licenses are eligible will help.
The hacker Lilith Wittmann criticized Open CoDE on Twitter, sometimes severely, and called the platform a “code dump”. The latter is based on the fact that many projects were not visibly active. “Unfortunately, an OSS platform does not create an OSS culture,” stated Wittmann. She herself initiated the documentation of state interfaces on GitHub with the bundesAPI project.
Also, there is no compulsion to offload all public software projects to Open CoDE now. Other platforms can continue to be used, but the source code must be mirrored to Open CoDE for publication in the software directory.
As part of our research, we were able to derive (fork) an existing project on gitlab.opencode.de without any problems, make changes to it and submit them again as a merge request. This was also processed and accepted, albeit not as quickly as with vital open source projects, but more with the coziness of an official room. In fact, many of the 100 or so projects are not particularly active or have only created the project repository with the first upload. In addition, it is expressly permitted to create GitLab repositories not only for source code but also for the development of concepts, which unintentionally contributes to the paper tiger image.
Other open source activists cannot understand the harsh criticism and generally welcome the platform. “Munich taught us that you have to take an administration with you,” warns Alexander Sander of the Free Software Foundation Europe (FSFE) against demands that are too radical. For years, FSFE has campaigned for the priority of free software in government projects with the “Public Money, Public Code” campaign. “It’s not about making progress as quickly as possible, but making good progress,” pleads Sander.
Peter H. Ganten, Chairman of the Open Source Business Alliance (OSBA), is also satisfied: “With Open CoDE, administrations have the opportunity, in line with the open source culture, to break new ground and find suitable solutions for their own requirements to find and develop.” Ganten does not see an isolated solution in the platform either. “Because OpenCoDE is a standard Git, the repository can also be connected to Gits from other European platforms.” The positive assessment of the OSBA is not surprising, the project is based on the idea of a joint working group of OSBA and Vitako, the association of municipal IT service providers. In autumn 2020, the two associations outlined a “place for public code” in a position paper, with which they were able to win over federal CIO Markus Richter for a pilot project.
In the further course, however, it was a difficult process to enlighten the ministry and commissioned consultants about open source software, a member of the working group tells c’t. Open CoDE is therefore a compromise solution with potential for improvement. It is now primarily a platform for cooperation between public institutions, while private companies from the open source environment are not integrated to the desired extent. In addition, the focus is on the technical provision.
For Alexander Sander from the FSFE, this is only one building block. You also need resources for this, for example for training or community management. In the first draft of the budget, the traffic light coalition initially had no funds at all for open source projects such as the planned “Center for Digital Sovereignty of Public Administration” (ZenDiS). In the future, ZenDiS is to take over the sponsorship, since Open CoDE is part of the German management cloud strategy. A good 700,000 euros are now earmarked for this.
Despite the current problems, the platform offers the necessary prerequisites. She sets a good example and uses open source such as the public code format from Italy instead of solitary new developments. The reference to the ministries involved helps open source advocates within public administration to clear some concerns out of the way. However, the projects represented on Open CoDE must dare to develop their software in public. Only then does the platform become attractive.
Don’t be afraid of your e-mail inbox anymore! In c’t 19/2022 we explain how to avoid the phishing danger. Learn how to better detect ransomware threats and mitigate attachments. To do this, we test PCIe cards, card readers, cables and SSDs that can handle Turbo USB with 20 Gbit/s and show you how to monitor the performance of your PV system. You can read that and more in the current issue of c’t.
Email without the risk of phishing
Super fast USB up to 20 Gbit/s
Balcony power plants: measure electricity production
The Videoident hack and its potential consequences
Test: Palm-sized, fanless miniature PC
Test: Android newcomer: Nothing Phone (1)
Practice: Interactively evaluating data from the James Webb telescope
Metaverse: Problems, Visions and Promises
Fritzbox project: Raspi monitors line quality
c’t 19/2022 in the Heise shop