The dam holding back U.S. federal adoption of open source just burst with the introduction of the Defense Department's Forge.mil.
Despite being based on SourceForge's technology, Forge.mil has one significant difference: security. As David Mihelcic, chief technology officer for the Defense Information Systems Agency, told Federal Computer Week, the Department of Defense's code repository has been "upgraded to meet DOD security requirements," with smart cards used to provide log-in credentials.
There are only three open-source projects hosted at Forge.mil so far, and it's initially restricted to the Defense Department's technology community, but I suspect this number will soon increase as various federal agencies discover it and ask to collaborate on code through it. It's also a new way for vendors to participate in Defense Department projects, as Mihelcic noted about one project, which is designed to automate server configuration:
"Our intern had to stand up 50 Linux machines in a lab and he said, 'Boy I don't want to do this by hand; why can't I use Bastille to do this for me?'" Mihelcic said. "He looked at Bastille and saw it couldn't do all the things he needed, so he started an open-source project. He got folks like Red Hat to jump in and participate."
All of the code is open for public view, though only those with the right Defense Department credentials can edit or contribute to the projects. As the public sees the code, however, it's almost certain to lead to individuals wanting to contribute to the code.
The Defense Department, which has been pushing hard to get involved in open source for some time as a consumer, is now involved as a developer. In just a few years, open source has gone from being "risky" to one of the best ways to mitigate risk.
Editor's note: The code is actually based on CollabNet's SourceForge Enterprise code, not the SourceForge.net code base. CollabNet enables Forge.mil.
Follow me on Twitter at mjasay.