Federal agencies must now share their own source code with one another. A bipartisan bill (H.R. 9556) requiring them to do came into affect this week.
This bill requires federal agencies to ensure that custom-developed code (i.e., source code that is produced under an agency contract, funded exclusively by the federal government, or developed by federal employees as part of their official duties) and certain technical components of the code such as architecture designs and metadata are (1) owned by the agency, (2) stored at no less than one public or private repository, and (3) accessible to federal employees under certain procedures. Agency contracts for custom-development of software must acquire and exercise rights sufficient to allow government-wide access, sharing, use, and modification of any custom-developed code.
Madison Alder writes that both chambers of congress approved the bill with overwhelming support in December on a voice vote. It may not surprise you to learn that GitHub and Atlassian also vocally supported the law.
Under the law, agency chief information officers are required to develop policies within 180 days of enactment that implement the act. Those policies need to ensure that custom-developed code aligns with best practices, establish a process for making the metadata for custom code publicly available, and outline a standardized reporting process.
Per the new law, metadata includes information about whether custom code was developed under a contract or shared in a repository, the contract number, and a hyperlink to the repository where the code was shared.
The British government has some relevant advice on the matter.
Previously:
• Sweary source code comments a sign of competence
• Fully-documented source code for classic 3D game Lander, AKA Zarch AKA Virus
• Diablo reverse-engineered in four months, without source code
