In this episode, our host Karsten Hohage talks to Powen Shiah and Mirko Swillus about the Sovereign Tech Fund. Established in 2022, it focuses on critical infrastructure in the public interest with the goal of supporting development, improvement, and maintenance of open-source components in digital infrastructure. The funding comes from the German Federal Ministry for Economic Affairs and Climate Action (Bundesministerium für Wirtschaft und Klimaschutz), as investing in digital commons strengthens innovation, economic competition, and democracy.

In this episode, our host Karsten Hohage talks to Max Mehl and Sebastian Wolf about Software Bills of Materials or SBOMs. An SBOM is a detailed record of all components within a software application, including open-source libraries, third-party dependencies and licenses. Max and Sebastian discuss the importance of SBOMs as well as some challenges and unanswered questions of the state of the art. They also speak with Karsten about SBOMs within SAP and Deutsche Bahn and the importance of SBOMs when it comes to open source.

In this episode, our host Karsten Hohage talks to Thomas Barber about project “Foxhound”, an SAP-maintained fork of Firefox (the web browser) that is designed to detect security vulnerabilities in websites. Thomas discusses the history of “Foxhound”, how and why it was created, and its journey to becoming an open-source project. He talks about the importance of the collaborations that made Foxhound successful and about some of the challenges that it has faced along the way. Anyone who wants to get involved in this project is welcome to visit the GitHub page to learn more.

In this episode our host Karsten Hohage talks to Ana Jiménez Santamaria about the TODO Group, a community dedicated to sharing knowledge, collaborating on practices, tools, and other ways to run effective Open Source Program Offices and similar initiatives. They discuss its history, mission, working mode, and how TODO Group provides a platform to connect peers and enables them to collaborate on projects that promote the integration of strategic open-source practices within different organizations. Everyone is welcome to join the TODO mission and contribute to the continuous development of best practices.

OCM is an extensible standard accompanied by a toolset designed to enable the automation of many software-lifecycle-related processes. It can be defined as a common machine-readable format for describing software components, which serves as a Software Bill of Delivery (SBoD). In this episode, our guests Jason Kafka and Ingo Kober discuss with host Karsten Hohage about OCM and why it is run as open source. Jason and Ingo also talk about their vision for OCM’s future, its applications, and its challenges.

Summer Break 2023 - We'll be back in August!

Credential Digger is an SAP Open-Source code scanner for detecting hardcoded secrets. In this episode, Slim Trabelsi discusses with host Karsten Hohage what led to the creation of Credential Digger and about its key differentiators. Slim also speaks of the early challenges of scanning for secrets, and lists the many advantages of using open source for building and maintaining Credential Digger. Open source comes with visibility for customers, and contributors can work on a project even before they join the team or after they leave, leading to improved continuity and a better tool overall.

In this episode, our host Karsten Hohage talks with Johannes Bechberger, who is an open-source developer at SAP. They discuss why and how Johannes promotes his work on SapMachine, OpenJDK, and profiling through blogging, speaking at conferences, and having a presence on social media. Johannes also shares tips and learnings collected on his journey of “doing good and talking about it”.

In this episode, our host Karsten Hohage talks with our guests Georg Gruetter from Robert Bosch and Michael Picht from SAP about common concerns regarding InnerSource. They debunk some of the frequent myths surrounding InnerSource and explain the many benefits of its utilization, including its versatility and its innovative and collaborative nature. In the course of the conversation, they also discuss how InnerSource code can be maintained successfully and what can be done for quality control.

In this episode, our host Karsten Hohage talks with our guests Alan Clarke and Keith Seigel about SUSE Enterprise Linux and and Linux in general. The speakers discuss how the SUSE distribution relates to Linux as an open source project and and talk about the development of new projects like Trento. They also mention the certification process, the subscription for patches and updates, discuss an example of fixing a HANA on SUSE issue, and explain the importance of the long-standing partnership with SAP for SUSE's business.

In this episode, our host Karsten Hohage talks with our guests Christian Georgi and Daniel Hutzel about the SAP Cloud Application Programming Model (CAP), a Software Development Kit (SDK) to build applications in the enterprise world. They speak about how CAP is gradually being open-sourced so that it can evolve with the help of its community. This will allow, for instance, the support of additional databases, consumption protocols, and UI frameworks. We also learn how the CAP team has engaged with the community so far and how this motivated them to open source it.

In this episode, our host Karsten Hohage talks with our guest Christoph Szymanski about Project Piper, an open source library for the creation of continuous integration and delivery pipelines. Christoph speaks about how Project Piper relates to the SAP-proprietary service “SAP Continuous Integration and Delivery“ and how Piper became a successful offering to anybody working with SAP development projects. We also learn why Christoph loves the unpopular task of writing tests and how these are the key factor to continuous delivery and integration.

In this episode, our host Karsten Hohage talks with our guest Arne Arnold from RedHat about Linux and the role of distributors in the open-source world. Arne speaks about his journey from SAP to RedHat and how the distributor made its way to become a catalyst for open-source communities. We also learn how Arne started his Linux career contributing to the search for extraterrestrial life from his student dormitory and about SAP’s contribution to Linux becoming the leading server operating system worldwide.

In this episode, our host Karsten Hohage talks with our guest Shane Coughlan about OpenChain by the Linux Foundation and some other projects that build trust in the supply chain. Shane gives an overview of developments around open source and intellectual property over the last 20 years. We also learn about why OpenChain can be compared to shipping containers, and how organizations like the NSA have embraced Linux for secure US government operations.

In this episode, our host Karsten Hohage talks with our guests Ruben Koster and Beyhan Veli about Cloud Foundry, a platform-as-a-service offering for application developers. Ruben and Beyhan talk about their personal journey with Cloud Foundry, how it works, and how it relates to VMware, Pivotal, and SAP. We also learn about their run for Cloud Foundry’s Technical Oversight Committee and their future vision for the platform.

In this episode, our host Karsten Hohage talks with our guests Volker Buzek and Peter Muessig about wdi5, an open-source end-to-end testing framework for UI5. Volker and Peter explain the history of wdi5, how to use it, and how it became a community project. We also learn about planned features of wdi5 and how to best get involved.

In this episode, our host Karsten Hohage talks with our guest Dr. Dawn Foster, PhD. from VMware about VMware’s open source strategy, and the importance of community and project health. Dawn explains project health metrics, how they contribute to improving projects, and how well-documented processes and governance help scale communities and keep them healthy. We also learn about Dawn’s impressive experience in the IT industry as she takes us through the various stages of her professional and academic career.

In this episode, our host Karsten Hohage talks to Nell Shamrell-Harrington from Microsoft and Sebastian Wolf from SAP about ClearlyDefined, a central data store for all open-source licenses across many different open-source ecosystems, and open source supply chain security at Microsoft. Nell explains both projects, talks about Microsoft’s open source history and evolution, and we also learn about the differences and similarities between Microsoft and SAP’s open source engagement from Sebastian.

In this episode, our host Karsten Hohage talks with Nemrude “Rudi” Verzano, head of Industry 4.0 and Digital Supply Chain Innovation at SAP, about the open-source initiatives in Gaia-X, Catena-X, and International Data Spaces that represent some of the cooperation efforts between the Fraunhofer Institute and some of SAP's large customers. Rudi explains the initiatives’ goals, how they came to be, and what benefits they offer. We also learn why joining forces with others can sometimes lead to the best results.

In this episode, our host Karsten Hohage talks with our guests Wolfgang Gehring and Christian Wege about FOSS at Mercedes-Benz Group AG. Wolfgang and Christian explain how and why Mercedes-Benz enables their employees to become and stay active in open source, which open-source projects they are working on, and how they contribute to the open-source world outside of Mercedes-Benz. We also learn why a so-called driver’s license is essential for working on open-source projects as a Mercedes-Benz employee.

In this episode, our host Karsten Hohage talks with Yordan Pavlov and Dragomir Anachkov about the open-source projects Eclipse Dirigible, an application platform, and XSK, an environment compatible with SAP HANA Extended Application Services (XS). Yordan and Dragomir explain the projects, how they relate to each other, why they were open-sourced, and the benefits they offer. We also learn how they differ from similar projects out there and how to best contribute to them.

In this episode, our host Karsten Hohage talks with our guests Christoph Langer and Thomas Stüfe about SapMachine, an SAP-distributed version of OpenJDK. Christoph and Thomas explain what SapMachine is, how it came to be and evolved, and why SAP contributes to the OpenJDK. We also learn about the difference between SapMachine, OpenJDK, and SAP JVM, and how to best get involved.

In this episode, Karsten Hohage talks with our guests DJ Adams and Jens Haley about the Open Documentation Initiative, an initiative to make the documentation of SAP Business Technology Platform content collaborative and interactive. DJ and Jens explain the project's current status, where it’s heading, and what makes it so unique. We also learn how to get involved and what the different types of collaboration are.

​In this episode, our host Karsten Hohage talks with our guests Jack Schueler and Sebastian Wolf about Watcom, a spinoff of the University of Waterloo from the 1980s. Jack, who is one of the founding employees of Watcom, talks about how the Watcom C/C++ project came to be, how it evolved over time, how it was open sourced in 2002, and what it is today. He also shares his personal journey and how he ultimately came to work at SAP. Along the way, we learn a lot about programming over the past five decades and how Watcom played an essential part in the development of Doom and Quake.

​In this episode Karsten Hohage talks with our guests Mladen Droshev and Fabian Tempel about the Fundamental Library, an open-source library created to help application developers align the user experience based on any web application framework with the SAP Fiori Design. Mladen and Fabian talk about their own Fundamental Library journey, explain the benefits of using it, and how to best get started.

​In this episode Karsten Hohage talks with our guests André Borrmann and Philipp Degler about Rust, a programming language that was open-sourced from the start. Philipp and André talk about Rust’s evolution, explain its growing popularity within the community, and explore the possibilities it offers. We also learn why a strict compiler is better than a friendly one and why working with Rust can sometimes feel like raising a child.

​In this episode Karsten Hohage talks with our guests Marika Marszalkowski and Frank Essenberger about the SAP Cloud SDK, an NPM library which helps develop web applications on SAP’s Business Technology Platform. We learn about the evolution and benefits of the SDK, the differences and similarities of its Java and JavaScript flavors, SAP’s decision to run it as an open source project, and the challenges and benefits associated with all this. Marika and Frank also explain how to best get started with the SDK on GitHub.

​ In this episode Karsten Hohage talks with Dobrinka Mladenova and Janaka Bohr about how the license compliance processes for open source at SAP evolved over the past 20 years. By, for example, implementing automation, tools, and standardization, SAP now has a developer-friendly approach and at the same time addresses crucial customer concerns. Dobrinka and Janaka speak about OpenChain, the international standard for open source compliance, and discuss SAP’s involvement in ClearlyDefined. We will also find out why it sometimes takes a postcard or a beer to be license compliant.

​In this episode Karsten Hohage talks with our guests Holger Streidl, Corporate Open Source Officer at Carl Zeiss AG and Peter Giese, Director of the SAP Open Source Program Office. They address many of the questions that arise for an enterprise when establishing an OSPO and talk about the commonalities or differences of the OSPOs and their approaches at ZEISS and SAP – for example, when creating policies, building a legal framework, ensuring license compliance, or setting up training and education for the internal community.

​In this episode Karsten Hohage talks with our guests Michael Bernhardt and Artem Smotrakov about Fosstars, a java-based framework that allows you to define various ratings for open source projects. The name “Fosstars” is a combination of “FOSS” for “Free and Open Source Software” and the concept of rating products or services with “stars”. It helps software engineers and architects to quickly assess various aspects of open source components, such as their security, maturity, etc. It is often difficult to analyze the actual code of all the open source components in an application and compare them with respect to various aspects. To make it easier, Fosstars offers ratings that are based on publicly available information about the projects, such as adopted security tools and best practices, activity of the community, and many more. Thus, Fosstars is a project, that deals with other open source projects, making the natural approach to it – guess what – open source!

​In this episode Karsten Hohage talks with our guests Klaus Häuptle and Florian Hoffmann about the importance of having a readable and maintainable codebase to ensure sustainable development. Klaus and Florian started an internal repository with best practices for maintainable and readable ABAP code. Through info sessions with many hundreds of participants, intense discussions, and great contributions, SAP colleagues helped turn this into a treasure trove for modern ABAP’ers. Many developers asked if this would become available as a book, and if they would be allowed to share it with customers and partners. They soon realized that this initiative gained its early drive from its community and needed to remain part of that community. Thus, they opened it to contributions from inside and outside of SAP, hoping that this repository would help developers worldwide to make their ABAP code a little cleaner. In late 2020, they published the book “Clean ABAP” to help individual developers, teams, and entire organizations with learning and implementing clean ABAP.

​In this episode Karsten Hohage talks with our guests Andreas Kunz and Peter Muessig about OpenUI5. OpenUI5 is a JavaScript-based web user interface framework. One that specifically targets enterprise use cases, but can be used for any type of application. Andreas and Peter explain how OpenUI5, SAPUI5, and SAP Fiori are related and how OpenUI5 became an open source project. They elaborate why the modular structure of this probably largest open source project from SAP is an optimal fit for a community approach. Our guests also have some interesting examples how OpenUI5 has been used not only by SAP customers, but also by nuclear scientists as well as completely private individuals building an app for their kids. Overall, OpenUI5 engages a large community of contributors and followers, manifest in five-digit enrollment in online courses and very popular community events.

In this episode Karsten Hohage talks with our guests Krasimir Semerdzhiev and Valentin Vieriu about project „Kyma”. Kyma is an open source project built on top of Kubernetes that provides a platform to build extensions for cloud applications. Krasimir and Valentin talk about all the investigations, challenges, and learnings that come with such a project. We learn how and why Kyma got started, where the strange name comes from, and why it is an advantage for contributors that Kyma is based on Kubernetes. The episode also touches how Kyma scales, how it relates to other open source projects inside and outside the Cloud Native Computing Foundation (CNCF) and how you can get involved.

In this episode Karsten Hohage talks with our guests Vasu Chandrasekhara and Tim Usner about project Gardener. Today, Kubernetes is the natural choice for running software in the cloud. More and more developers and corporations are in the process of containerizing their applications, and many of them are adopting Kubernetes for automated deployments of their cloud native workloads. There are many open source tools which help creating and updating single Kubernetes clusters. However, the more clusters you need and the more infrastructures need to be supported, the harder it becomes to operate, monitor, manage, and keep all of them up-to-date. And that is exactly what project Gardener focuses on. Vasu and Tim explain in more detail what Gardener does, why open source is the natural approach to such a project, and how it makes the lives of cloud developers, architects, and operators easier.

​In this episode Karsten Hohage talks with our guest Fabienne Haag about the Open Source Outbound Process at SAP and how it was implemented. During the last few years, SAP has been actively initiating and maintaining its own open source projects. Many SAP employees contribute to these projects or to completely different ones. This led to the need to have a simple and transparent process in place. The new Open Source Outbound Process enables developers to easily and quickly start new open source projects and contribute to existing projects – both in a compliant and secure manner. The entire approval workflow is executed in Enterprise GitHub, which is close to the developer community and gives them an easy way to manage their open source contribution requests.

In this episode Karsten Hohage talks with our guest Michael Picht about InnerSource at SAP and why it should be the default development model at SAP. InnerSource is the practice of applying methodologies and best practices from open source projects to in-house software development. In an InnerSource approach, projects are open for contributions from other teams. This implies that they accept and build on these contributions – just as an open source project would. The major difference are the boundaries: the community is in-house, it only consists of colleagues, and the codebase cannot be accessed from outside of the company. By applying InnerSource in an enterprise software development context, you can increase quality, speed, collaboration, and developer joy. Moreover, especially large development organizations can break silos between different teams and encourage developers to expand their skills or use them to support cross-team projects.

SAP collaborated very closely with the German Government, Robert Koch Institute, Deutsche Telekom, and other partners to develop the Corona-Warn-App in an open source approach. The app warns the users, if they have been in close proximity to someone diagnosed with COVID-19. This helps to trace chains of infection and provides guidance to people who have tested positive. The decentralized approach and pseudonymization ensure the highest level of security and data privacy. In this episode, our host Karsten Hohage talks to one of the Community Managers of the open source project, that was established to develop the Corona-Warn-App. If you want to learn more about The Corona-Warn-App go to: https://www.coronawarn.app/en/ or GitHub: https://github.com/corona-warn-app and share your ideas with us: ospo@sap.com

​SAP is the 9th largest commercial contributor to open source projects. Mostly known for proprietary software, almost all of SAP’s solutions touch open source in one way or another. The Open Source Program Office, founded in April 2018, has the mission to nurture and support the open source approach to software development inside and outside of SAP. Listen to our host Karsten Hohage why Open Source is important in a global enterprise, why it is a triple win for customers, developers and SAP, and why you need an Open Source Program Office. These and more questions will be answered in this episode. If you want to learn more about Open Source at SAP go to: https://developers.sap.com/open-source.html and share your ideas with us: ospo@sap.com