Thank you so much for attending for my talk.
So today I'm going to be talking about a topic that at the end of the talk I'm planning
to do like an open forum to hear your thoughts because, well, this is part of the presentation
and part of the discussion.
So we are talking about trying to find other areas where a dev rel can be critical and
valuable for an organization perspective and where are the risks of neglecting critical
open source infrastructure.
So before getting started, a little bit of myself.
And currently the project manager at Chuta Group, that is a Linux foundation project
formed by a group of community sharing open source from offices, best practices and tooling,
basically to help with open source management, open source operations and sharing the value
of OSPOS among organizations.
But before that I was working at Viteria, that is a software development analytics firm.
I spent there three and a half years and I can say that everything I know about open
source, like my very background was thanks to them so I own them a lot.
While I was in Viteria, I was also studying my masters in data science that I finished
and I focused my thesis on a really interesting report based on dev rel.
So I still have in my repo that is public in my GitLab account because I'm mixing between.
That was a set of Python scripts to gather and analyze data to measure the value of
dev rels when helping open source communities.
And right now I'm also studying another masters because I like to keep myself busy in front
of content and struggling with JavaScript.
In my spare time when I have some, I try to contribute to other open source communities
and foundations like in your source commons, open chains or chaos.
So that's me.
So before getting into the topic, I know this is quite boring, descriptions and definitions
but I think it's important because when we are talking about developer relations, you
can type on Google or in other search engines and they will give you thousands of definitions
and send to open source and also even when you type AI, it's like, oh, I don't really
understand what do we mean.
So I'm not here to set up a definition.
I'm here to at least say during this presentation, when we are referring to developer relations,
that is the definition we will use.
When we are referring to open source, that is the definition we will use.
And when we are referring to generative AI, that is the definition we will use.
So we will see developer relations as a discipline that focus on supporting developers and building
relationships with developers and also connecting with the organization's goals.
In open source, in this context, we will see it as a method and also as a culture to develop
and distribute software.
But we also saw that open source as a wide variety like open data, also open hardware
and so on.
And generative AI, because I know AI has been here for ages, but now people are calling
AI everything.
In here, we will put it in the technology capable on generating text, but also image
or other data, two models that basically is a generative model and that is why it's called
generative AI.
So our objectives for this presentation is basically answering these three questions,
the first one and most important I would say is how these three things are connected.
Because sometimes you talk open source, you talk about gen AI, and then you are also thinking
on the organization side about, okay, and how those are connected with the security and
innovation goals that an organization might have.
Also why so this organization considers this open source integration when investing in
AI.
And I think this is where DevRoss comes in, who can facilitate such connection.
So to start with, I wanted to really serve like the typical and really base and basic
process when gathering data and when training models and in sum up like the AI lifecycle
and try to ask ourselves where is open source here.
So when, because AI is just like a small part of the whole process when you also need to
clean the data which takes you sometimes like 80% of the whole time and then when you clean
the data you perform an experimentally analysis.
Like that is a process that is not just an AI, it has been on machine learning, it has
been also in the science studies.
There's not something new that we don't know, but I think an important question when looking
at around all this life cycle is to ask where is open source.
The sort of question, the answer would be, well, it's literally everywhere in any step
of the process.
And let me tell you why.
So around the technology stack when an organization decides to invest in artificial intelligence,
generative artificial intelligence in this case, there are different components that
they need to take care of or they need to start thinking of.
And in the technology stack you see tools for data collections or which generative AI
model to use because there are different ones.
What is the deep learning framework you will use?
Are they going to use TensorFlow, Python, Keras?
Also if you are thinking about putting into a container, what is the best tool or the
best framework to use as well?
When you are trying to represent that data, are you going to represent it in graphs?
Then maybe you use D3JS or are you going to represent it into another different format
and use Matplotlib?
I keep saying names and childrens and many, many of those childrens are open source.
I think that is when talking with organizations and not in the tech sector and more in the
business side, the decision makers.
They are not aware that when they say let's invest in AI or let's use this AI for creating
software or for our internal development, they are not aware that the technology stack,
the baseline that muters all that AI, it is powered by open source.
So now, well, you might see this famous image, I just edited it a bit.
So instead of thinking like modern infrastructure, think about the AI technology stack, how it
is like chat GPT and all these popular AI toolings, even though they are proprietary.
I mean, chat GPT is powered by PyTorch, that is open source.
But anyway, think about that and then think about these open source maintainers being
burned out because open source is just different from a proprietary software and organizations
selling proprietary software.
And I think that is the message that sometimes organizations might not want to understand.
So organizations are far more innovative and secure in collaboration than insulation,
but I think everyone here knows that.
I think organizations have in their minds like yes, the benefits of open source and so on,
but I think the tricky question here is how.
And I know in the other time we were talking about OSPOS and as a vehicle to make that happen.
But even OSPOS sometimes they are struggling to prove their value and to do the right work
because organizations don't understand how they just heard the word OSPOS and they just
go there and OSPOS cannot perform their work, for instance.
So how can organizations advance in their AI maturity?
So everything starts with people.
Let's start with the baseline.
And the people, it's a cross functional skill set of different areas.
So of course we need to have project managers, but we also need security and license compliance
and people managing the project health of the projects of the critical infrastructure,
also all the infrastructure on IT development.
In this talk, I know because this is really, really broad, I really want to focus on these
three areas that can be like more attached to what our developer relations or community
management role is.
So when coming back to this integration of open source and how it connects with Gen AI
and how it connects with the organizational schools in terms of security and innovation,
I believe, and again this will be later an open forum, that there was with this experience
in open source communities might be hidden gems for organizations that are right now
investing thousands and thousands of dollars or euros in using or creating Gen AI power
tools.
And why?
Okay, let's see the scope again.
So we already have seen that machine learning, I mean not only AI, there's a lot of information
that depends on open source projects.
And these projects are maintained by developers that require support, they really are seeking
for help because they cannot like, issues keep coming, keep going on and sometimes they
don't have enough hands.
And at that role that is this connector, this person that has the knowledge of an organization
and has and understand the needs of those developers, of those maintainers because maybe
in the past they were developers, they were open source maintainers too, can have to build
this relationship and can transmit to the community the value and also to the organization
a business value.
I think that is this person, this linchpin that can connect and help both worlds.
It's a win-win situation in my honest opinion.
So, two organizations that maybe I know like someone were asking, yeah it's hard for an
organization to prove the value of contributing to open source or using open source.
So I think it's smart to invest not just on the final product but to what is behind.
But it's smart to know how.
And I think we are now coming into a point where we know the benefits, we know like we
can think, analyze whether or not we should use or not use open source.
But when we are using open source, we need to know how or if not, the organization is
not going to see value and the communities are going to be at risk.
So, this comes from one of the blog posts from the open source.com blog.
And I think it's really interesting to see like how the old software supply chain funnel
was and now how with open source you are putting a new layer and organization needs to really
understand that layer.
Because since it's a supply chain funnel, if someone fails at the very beginning, it
will impact to their product, it will impact to their services and to their customers and
to money.
If it's a company and if not, it will impact to the experience.
For instance, if we are talking with a government or a public administration.
So, how we were talking about people, but there are other ways also to make that happen.
Because sometimes one person is not enough.
As I mentioned earlier, it's about a cross functional team or a skill set of people.
We were mentioning that there was a really critical role.
But there are people with experience in license compliance.
There are people with experience in security compliance and infrastructure.
So, if an organization is creating this cross functional team with different experts who
sets the world for us in the organization.
Because everyone will have different micro goals, different objectives, how can we put
order into all these scales.
This is a way, there is a way, but there are other many ways on how that to bring this
connection and also connect with the different teams in the organization.
Because here when we are talking about open source, we are talking about open source as
a way to integrate it into the existing organizational teams.
So we are thinking about how open source can help engineering teams to do their things,
the things they have been doing, but with open source.
And we are also helping the security team to do their things they have been doing also
with open source.
It's about integrating open source in what already exists.
So there is one of the vehicles that has been proven to be effective in many organizations,
that is OSPOS.
And OSPOS sometimes they have devils and project manager, they have legal experts, they have
security experts.
So it's in a nutshell, this dedicated cross functional team.
They don't need to be physical team, they can be virtual.
So they can already have like in having like this advisors or experts into the different
teams that the organization have.
And these are some of the success stories based on the state of the OSPOS 2023 report.
This is a study conducted by the organization I am currently working for, that is the children
group has been doing this since 2018.
And you have all the raw data in case you want to know like the devolution since in
the children group's last OSPOS survey GitHub report.
And in here the last year we saw that 93% of the OSPOS, the participants that responded
they were part of the OSPOS, they had an OSPON, the organization were providing advice to
security teams.
And they also, we also saw that these OSPOS were really engaging in current age technology.
Like containers or AI or data science.
And also we saw in terms of how effective are those organizations providing upstream
contributions like contributing back to those projects.
We saw also a really big impact for those organizations who had OSPOS.
So I'm not saying that the solution is OSPOS, but it's true that we are saying that...
No, no, I mean I feel like...
I'm not saying that, but just look at the data, no.
All right.
So you have the study there in case you want to be a bit more into that.
So this was like a small break, but let's come back to the red-bird role.
That can be in an OSPOS or not.
I wanted to open the now the room for those people to think about what to the red-bird role description
of the characteristics we have seen, like with an open source background, with an organization
that has this deep AI involvement or they are willing to invest more in AI could look like.
These are some examples I added, like for instance that the red-bird might have to have maybe an understanding on how
the genitive AI models works much similar and how the different much similar frameworks works.
Maybe they have been working already with some of those frameworks.
They should have experience in contributing or maintaining open source projects in their past or currently.
And disability, so this is more like their typical skill set, right?
So advocates, developers need and be able to communicate that feedback to the organization.
And disability could collaborate with organizations, with foundations, with independent maintainers from
open source projects to co-create value because open source is a community of communities.
So, yeah, this is to sum up with, I would like to open this open forum with this question,
like how can we address the value of the role in AI field and teams to decision makers that basically
are the ones that might be putting the money and investment.
And yeah, thank you.
Thank you.
Anybody have any questions?
So, have you thought about how this might change in the next couple of months or a year from now
when we move towards, rather, an actual open source definition of AI?
Because what you've described are, is AI, and brilliantly, AI that's using a lot of open source tools.
But the open source initiative is trying to figure out what the open AI definition is.
Do you feel like that's going to change thesis a little bit or it's not really,
that the problem will be the same?
I think that can be like a different scope.
I'm also aware in the working group that the open source initiative is doing to come up with an open source definition of AI.
I know it's hard because open source, for those who are unaware, open source is like software and in that sense
it's like, okay, this is a way to distribute it, but AI has different components.
What about the training models? What about the outcomes?
What about the model itself?
So it has different components and they need to define that.
So it's hard.
I will say, coming back to your question, I think that that is another angle.
Like the organization can decide whether or not to use open source in their AI.
And if they use open source, they might still need help from their brothers and people to take care of that critical infrastructure.
But if they are not using open source AI, if they are still using TADGPT or other framework that is proprietary for building their machine learning models,
they still need to do that.
But maybe the planning or the objectives are going to be different from an organization that in the last phase they are still using open source
versus an organization that in the last phase they are using proprietary software.
Thank you for the presentation.
And I just want to say that I think it's wonderful actually because in every discussion around open source that I've heard around AI today,
it has been this kind of open source AI versus closed source AI.
So I think the opportunity to remind people that so much of closed source AI is still dependent on open source technology is a huge...
Like it's kind of like, which way you go, these are the things that need to be addressed and you can only do that by getting engaged in the open source ecosystem.
It's a huge, powerful message actually. So thank you for highlighting it.
And I guess the question I would have is how would we do that more?
Because the conversation around open source in AI seems to be all around this, how do we define open source AI?
But actually this point is probably more powerful and potentially more beneficial for the open source ecosystem
because it's definitely true and there's definitely things you can do today to support that whole ecosystem.
So how can we as a community kind of highlight that I guess? It gets lost in that other question.
So what has been helping me is to focus on the supply chain funnel.
Because like organizations are focused on just the tip of the iceberg and when they give a closer, like a deeper view on the whole picture, they say, oh, okay.
So this is like a domino, is it called? Yeah, like a domino thing.
Like if I screw up at the very beginning and everything is going to fall down.
So that's what has worked, not saying, maybe others will say it's not so.
Thank you. Great talk. Your question at the end posed around DevRel.
Very compelling argument and I don't think you'd get much disagreement.
But we seem to be losing the battle and losing DevRel's as pay positions.
It seems to be the first thing that gets cut. Do you have any thoughts on that?
Yeah, so you mean that right now they are going through a lot of the layoffs.
And so, yeah, so actually, and I don't know if the message was quite understood of this talk,
was to try to explore like other areas where the DevRel can provide value.
Like there's going layoffs in DevRel, but on the other hand, organizations are investing thousands on AI.
Like they are obsessed and it's like, are you obsessed with that? Okay.
But in the other hand, you are losing and you are, yeah, you're losing the talent that will secure
and will help you to your AI planning and strategy.
So that was like the main goal of this to try to explore this role of DevRel into this emerging trends where the investment is going through.
So how do we help DevRel's reposition themselves into that AI space?
I think like, like giving like certain kinds of talks to like, related with AI and where the DevRel's can be helping.
Like advocacy is always helping.
And also maybe start exploring these job descriptions.
I feel like, like for instance, in the Tudor group, we have these Ospo descriptions where we serve it in public.
And then organizations use it to hire talent.
Maybe like having this kind of like similar framework for a DevRel, like, okay, where can we include job descriptions?
And we can include this AI DevRel and start advocating from that angle might help.
Just a comment on that. I'm sorry, I came in late. I love that it's women also caring about developer relations.
I work on an open source project that's building AI infrastructure.
And we are at such a low level of the tech stack right now.
We hope to be able to build developer tooling and provide a product that will give people access to that infrastructure.
But we are just at such early stages.
And I wonder if that's not also a problem for other projects right now is we're just not at a level of the stack that there's really good developer tooling to market.
Because I think that's when DevRel becomes really powerful when you have a product people can use.
So I would encourage DevRelers to become more active as product builders and help your engineering and more technical teams actually productize what they're doing right now.
So the question.
It's not a question.
Oh, okay, okay. I was like, I think it was like a sense.
Okay.
Anybody else have any questions for Anna?