// Part 2 of 3
Most of my work as an engineering manager has been teaching people how to scope work to smaller bits. So any time you have a big honking PR it's a nightmare to review—either too much discussion or none because no one can get their head around it.”
Open source communities also leveraged the value of automation.
Automation accelerates software delivery by helping teams automate their workflow, leaving more time to focus on the most critical work.
Open source projects that use GitHub Actions to automate their pull requests saw faster software delivery and better collaboration.
The patterns we learn about open source communication and automation can make enterprise teams more productive, too.
increase in the number of pull requests merged
decrease in time to merge
A vulnerability can wreak havoc on your work and cause large-scale security issues. However, most vulnerabilities actually result from mistakes, not malicious attacks.
of vulnerabilities were explicitly malicious but triggered just 0.2% of alerts
of remaining vulnerabilities are the result of mistakes
By relying on open source when you can, your team benefits from all the fixes found and remediated by the community.
Time to remediate is an important component for all DevOps teams.
Vulnerabilities go undetected before being identified
for the community to code and release a fix after a vulnerability is identified
to alert the community on the availability of a security update
for users to apply the security update