Addition of JSON Schema Keyword “allOf” in OPA Type Checker and the Overall Importance of Open-Source Projects/An Exploration of the Benefits and Drawbacks of Open-Source Projects

Friedman, Julia, School of Engineering and Applied Science, University of Virginia
JACQUES, RICHARD, EN-Engineering and Society, University of Virginia
Morrison, Briana, EN-Comp Science Dept, University of Virginia

Open-source software is free software that is publicly available and may be copied, utilized, and modified by anyone. The popularity of open-source software has been increasing in recent years, and more businesses are transitioning to using this type of software for their needs. Both my technical and STS research examine aspects of open-source, but in very different ways. My own interest in open-source was piqued during an internship at IBM where I completed a project that involved an enhancement to an existing open-source project; this work experience became the subject of my technical research. My STS research connects to my technical topic in that it explores the pros and cons of open-source in a business and ethical context. The combination of my technical experience, my computer science major, and my business minor influenced me to pursue research that explored the intersection of these areas.

STS Research Summary
My STS research focuses on the discovery of the positive and negative aspects of using open-source products, as well as how to make an appropriate and effective business decision using those data. The data I analyzed explores how different business scenarios relate to aspects of open-source and how that would either help or hinder a company. For example, a business that wants customization in their software might choose to use open-source because of the ability to add or remove features. This research is focused on both business circumstances involved in making this decision, and the ethics of open-source as a whole.
Although there does not exist one specific way for a business to make a decision about using open-source, the outcomes of this research allow companies to make informed decisions about the tradeoffs and ethics surrounding open-source. In sum, a business needs to first decide what they value in their operations (i.e., cost, customization, time-to-market, security, dependability), and decide from there whether or not open-source will be beneficial for their needs. A company must also consider how their choice of software will impact their integrity and ethical standing in terms of ensuring that their products are secure, honest, and accessible.

Technical Project Summary
While Open Policy Agent (OPA) provides an open-source engine that unifies policy enforcement across the cloud native stack, one of the limitations of its Rego type checker was the absence of the keyword “allOf.” The addition of this keyword enhanced OPA’s type checker, as users now receive detailed error messages regarding the use of this keyword. The “allOf” keyword, when included in an inputted JSON schema, implies that all of the fields immediately following it must be included in the policy being created. The addition of support for this keyword allows the type checker to recognize it and subsequently inform users if there is a mistake in their policy having to do with “allOf.” This extension eliminated a limitation of OPA’s type checker, and it was done via open-source code contributions. Future work could involve adding support for other keywords that are not yet implemented.

The juxtaposition of these two research projects helped provide context for the importance of what I did in my technical research at IBM. In isolation, my technical project was interesting and a great learning experience, but my broader exploration of open-source enhanced that learning and combined my interests in both computer science and business. Moreover, my STS research provided a valuable ethical background for distinct aspects of open-source. Through my technical and STS deliverables, I made meaningful contributions to both the open-source community as well as the potential users of open-source products. My technical project will benefit companies that utilize OPA for their policy management needs; they will have a more efficient debugging process, as I implemented an enhancement to the type checker that improves debugging error messages. My STS deliverable aims to benefit companies that are unsure of whether using an open-source product is the most tactical business decision for them. Such companies can evaluate the use of open-source through my practical and ethical analysis of the benefits and drawbacks of the nature of open-source products.

BS (Bachelor of Science)
open-source, IBM, Open Policy Agent, business, JSON schema, ethics of open-source

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Briana Morrison
STS Advisor: Richard Jacques

All rights reserved (no additional license for public reuse)
Issued Date: